[openfirmware] r853 - cpu/x86/pc/olpc
svn at openfirmware.info
svn at openfirmware.info
Sun Jul 20 02:33:56 CEST 2008
Author: wmb
Date: 2008-07-20 02:33:56 +0200 (Sun, 20 Jul 2008)
New Revision: 853
Modified:
cpu/x86/pc/olpc/security.fth
Log:
OLPC trac 7572 - allow security-related files to be in a separate "security" partition.
Modified: cpu/x86/pc/olpc/security.fth
===================================================================
--- cpu/x86/pc/olpc/security.fth 2008-07-20 00:14:35 UTC (rev 852)
+++ cpu/x86/pc/olpc/security.fth 2008-07-20 00:33:56 UTC (rev 853)
@@ -196,10 +196,12 @@
\ bundle whose name is constructed from the current settings of the
\ device (DN), path (PN), filename head (CN), and filename body (FN).
+: .trying ( name$ -- name$ )
+ " Trying " ?lease-debug 2dup ?lease-debug-cr
+;
: bundle-present? ( fn$ -- flag )
fn-buf place
- bundle-name$
- " Trying " ?lease-debug 2dup ?lease-debug-cr
+ bundle-name$ .trying
['] (boot-read) catch if 2drop false exit then
true
;
@@ -457,15 +459,32 @@
check-timed-signature ( -1|0|1 )
;
+: open-failed? ( $ -- ih error? )
+ expand$ .trying r/o open-file
+;
+
+\ open-security looks for a file in the security directory.
+\ On the NAND device, it first looks in a special security partition.
+
+: open-security? ( name$ -- ih error? )
+ fn-buf place ( )
+ " ${DN}" expand$ " nand:" $= if ( )
+ " ${DN}security,\${FN}" open-failed? if ( ih )
+ drop ( )
+ else ( ih )
+ true exit
+ then ( )
+ then
+ " ${DN}\security\${FN}" open-failed? ( ih error? )
+;
+
\ lease-valid? tries to read a lease file from the currently-selected
\ device, searches it for a lease record corresponding to this machine,
\ and checks that record for validity. The return value is true if
\ a valid lease was found.
: lease-valid? ( -- valid? )
- " ${DN}\security\lease.sig" expand$ ( name$ )
- " Trying " ?lease-debug 2dup ?lease-debug-cr
- r/o open-file if drop false exit then >r ( r: ih )
+ " lease.sig" open-security? if drop false exit then >r ( r: ih )
" Lease " ?lease-debug
load-started
leasekey$ to pubkey$
@@ -601,9 +620,7 @@
: has-developer-key? ( -- flag )
button-x game-key? if false exit then
- " ${DN}\security\develop.sig" expand$ ( name$ )
- " Trying " ?lease-debug 2dup ?lease-debug-cr
- r/o open-file if drop false exit then >r ( r: ih )
+ " develop.sig" open-security? if drop false exit then >r ( r: ih )
" Devel key " ?lease-debug
load-started
develkey$ to pubkey$
More information about the openfirmware
mailing list