Verify signature for non ubifs image
Enable signature verification on non ubifs build.
The code is the same for ubifs and non ubifs, so move related code into
separated functions.
Tested: Verify that the signature check happens during code update, and
successfully updated the code when the image is valid;
verify it fails to update in field mode when the image is
modified.
Change-Id: I81a536fb7ea05d804fa592c57bbed8f32f07a559
Signed-off-by: Lei YU <mine260309@gmail.com>
diff --git a/activation.cpp b/activation.cpp
index 2979752..421902a 100644
--- a/activation.cpp
+++ b/activation.cpp
@@ -1,6 +1,5 @@
#include "activation.hpp"
#include "item_updater.hpp"
-#include "config.h"
#include "serialize.hpp"
#include <phosphor-logging/log.hpp>
#include <sdbusplus/exception.hpp>
@@ -98,25 +97,16 @@
}
#ifdef WANT_SIGNATURE_VERIFY
- using Signature = phosphor::software::image::Signature;
-
fs::path uploadDir(IMG_UPLOAD_DIR);
-
- Signature signature(uploadDir / versionId, SIGNED_IMAGE_CONF_PATH);
-
- // Validate the signed image.
- if (!signature.verify())
+ if (!verifySignature(uploadDir / versionId, SIGNED_IMAGE_CONF_PATH))
{
- log<level::ERR>("Error occurred during image validation");
- report<InternalFailure>();
-
+ onVerifyFailed();
// Stop the activation process, if fieldMode is enabled.
if (parent.control::FieldMode::fieldModeEnabled())
{
// Cleanup
activationBlocksTransition.reset(nullptr);
activationProgress.reset(nullptr);
-
return softwareServer::Activation::activation(
softwareServer::Activation::Activations::Failed);
}
@@ -163,6 +153,19 @@
}
#else // !UBIFS_LAYOUT
+#ifdef WANT_SIGNATURE_VERIFY
+ fs::path uploadDir(IMG_UPLOAD_DIR);
+ if (!verifySignature(uploadDir / versionId, SIGNED_IMAGE_CONF_PATH))
+ {
+ onVerifyFailed();
+ // Stop the activation process, if fieldMode is enabled.
+ if (parent.control::FieldMode::fieldModeEnabled())
+ {
+ return softwareServer::Activation::activation(
+ softwareServer::Activation::Activations::Failed);
+ }
+ }
+#endif
parent.freeSpace();
flashWrite();
@@ -260,6 +263,24 @@
return;
}
+#ifdef WANT_SIGNATURE_VERIFY
+bool Activation::verifySignature(const fs::path& imageDir,
+ const fs::path& confDir)
+{
+ using Signature = phosphor::software::image::Signature;
+
+ Signature signature(imageDir, confDir);
+
+ return signature.verify();
+}
+
+void Activation::onVerifyFailed()
+{
+ log<level::ERR>("Error occurred during image validation");
+ report<InternalFailure>();
+}
+#endif
+
void ActivationBlocksTransition::enableRebootGuard()
{
log<level::INFO>("BMC image activating - BMC reboots are disabled.");
diff --git a/activation.hpp b/activation.hpp
index ba7c618..7f0120f 100644
--- a/activation.hpp
+++ b/activation.hpp
@@ -8,6 +8,12 @@
#include "xyz/openbmc_project/Software/ActivationProgress/server.hpp"
#include "org/openbmc/Associations/server.hpp"
+#include "config.h"
+
+#ifdef WANT_SIGNATURE_VERIFY
+#include <experimental/filesystem>
+#endif
+
namespace phosphor
{
namespace software
@@ -15,6 +21,10 @@
namespace updater
{
+#ifdef WANT_SIGNATURE_VERIFY
+namespace fs = std::experimental::filesystem;
+#endif
+
using AssociationList =
std::vector<std::tuple<std::string, std::string, std::string>>;
using ActivationInherit = sdbusplus::server::object::object<
@@ -320,6 +330,21 @@
/** @brief Tracks if the service that updates the U-Boot environment
* variables has completed. **/
bool ubootEnvVarsUpdated = false;
+
+#ifdef WANT_SIGNATURE_VERIFY
+ private:
+ /** @brief Verify signature of the images.
+ *
+ * @param[in] imageDir - The path of images to verify
+ * @param[in] confDir - The path of configs for verification
+ *
+ * @return true if verification successful and false otherwise
+ */
+ bool verifySignature(const fs::path& imageDir, const fs::path& confDir);
+
+ /** @brief Called when image verification fails. */
+ void onVerifyFailed();
+#endif
};
} // namespace updater