Opened 4 years ago

Closed 4 years ago

#12129 closed defect (fixed)

Strange filenames used in XO-4 secure boot path

Reported by: dsd Owned by: wmb@…
Priority: normal Milestone: Not Triaged
Component: ofw - open firmware Version: not specified
Keywords: Cc:
Blocked By: Blocking:
Deployments affected: Action Needed: never set
Verified: no



false to require-signatures
" int:" load-from-list

Tries to boot from int:\ and then int:\

Also in this area, OFW r3291 removes support for filenames such as,, - it looks like the 4 must now be included. I can see why that is a good idea for (#12091) but it would be a minor pain to lose the ability to use actos/runos/actrd/runrd - both for the build system, and also annoying for users of e.g. the collection key (to be compatible with all laptops). Could this be revisited to keep "unversioned" act*.zip/run*.zip working? (Maybe it could simply try the versioned ones first?)

Change History (5)

comment:1 Changed 4 years ago by wmb@…

The "repeating 4's" problem has already been fixed - by svn 3315 on 9/18.

On the "how should it work" front, this is the sort of issue that I personally find so irritating - and that is the nice way of putting it - that I just can't deal with it. No matter what you do, someone will want it to work the other way. So what I propose is that you or some collection of people decide what should happen in every case, write it down in the form of a Wiki page with full rationale, and then when people later complain, we can point them to that page and the bugs they file will be reassigned to you.

Making it work differently for different types of files is do-able, but will be a pain in the ass to code and thus will probably be broken for awhile. This whole security jumble is already a pain in the ass because there are so many cases to consider.

Sorry to be snippy, but like I said, I really really really hate this kind of never-ending tweak-a-thon.

comment:2 Changed 4 years ago by dsd

You're right - putting myself in your shoes and trying to write that wiki page made me get to grips with the situation. The decisions on what to support or not seem fairly arbitrary but it isn't as easy as it appears to come up with a final decision.

Anyway, I gave it some thought, thinking about what would be the cleanest and most logical solution, and came up with this:

The principles of this design are:

  • It does what makes sense first and by default - it looks for machine-suffixed filenames
  • It falls back on the old system for backwards compatibility, and for convenience (e.g. 1 collection stick filename works for all laptop models)

The changes needed in bundle-present? are:

  • Always look for the version-suffixed filename first
  • Always fall back on the unversioned names, even on XO-4

The original headache caused by #12091 is gone, since more recent software builds don't include the firmware image that caused the confusion/conflict. So it is safe to reinstate support for the name in new firmware builds.

Also, as part of this, I have modified the OS build system to produce version-suffixed filenames (plus compat symlinks for XO-1/XO-1.5). So actually with that fix and your firmware fix, the original issue that caused me to open this bug is gone, but if you would like the opportunity to solidify and document this scheme, here it is :)

comment:3 Changed 4 years ago by dsd

Seems to be working as intended with the test firmware q3c09ma. I tested with runos and runrd - with and without the versioned names, and then with both present (the versioned one was preferred). Looking good.

comment:4 Changed 4 years ago by Quozl

Daniel, are you okay to close this one given the current releases of Open Firmware?

comment:5 Changed 4 years ago by dsd

  • Resolution set to fixed
  • Status changed from new to closed

Yes, thanks.

Note: See TracTickets for help on using tickets.