Ticket #12106 (closed defect: fixed)

Opened 22 months ago

Last modified 20 months ago

initramfs sometimes inflated, sometimes not

Reported by: dsd Owned by: wmb@…
Priority: low Milestone: Not Triaged
Component: ofw - open firmware Version: not specified
Keywords: Cc:
Action Needed: no action Verified: no
Deployments affected: Blocked By:
Blocking:

Description

I'm simulating the secure boot path with:

false to require-signatures?
" \boot"   pn-buf place
" int:" load-from-list drop

I have found a difference between signed boot and unsigned boot and I'm not sure if its intentional, regarding decompression of the ramdisk.

In the unsigned path, $load-ramdisk calls boot-read, which calls (boot-read) and then ?inflate-loaded

In the secure path, bundle-present? calls (boot-read) directly and doesn't seem to inflate the ramdisk anywhere.

This can be seen by debugging linux-place-ramdisk and comparing the input parameters passed to that word. In the unsecure path, the len parameter is much bigger than the size of the on-disk ramdisk, whereas in the secure path the length matches the on-disk filesize exactly.

I haven't checked if the kernel handling path is more consistent.

XO-1.75, Q4D21.

Change History

Changed 22 months ago by wmb@…

Have you tried

ok patch boot-read (boot-read) bundle-present?

to see if secure boot works with auto-inflation?

Offhand I don't know (and if I once knew, no long remember) whether there is a reason for (boot-read) vs. boot-read in this path.

Changed 22 months ago by wmb@…

  • next_action changed from never set to add to release

The suggested change in the previous comment does not work because the contents of the data portion of the bundle need to be inflated, not the bundle itself.

Fixed by svn 3366.

Changed 20 months ago by wmb@…

  • status changed from new to closed
  • resolution set to fixed

Changed 20 months ago by Quozl

  • next_action changed from add to release to no action

Is in Q4D25.

Note: See TracTickets for help on using tickets.