diff --git a/initrd/bin/flash-gui.sh b/initrd/bin/flash-gui.sh index 4a4e095e5..fa7f91df1 100755 --- a/initrd/bin/flash-gui.sh +++ b/initrd/bin/flash-gui.sh @@ -22,10 +22,10 @@ while true; do ;; f|c ) if (whiptail $BG_COLOR_WARNING --title 'Flash the BIOS with a new ROM' \ - --yesno "You will need to insert a USB drive containing your BIOS image (*.rom).\n\nAfter you select this file, this program will reflash your BIOS.\n\nDo you want to proceed?" 16 90) then + --yesno "You will need to insert a USB drive containing your BIOS image (*.rom or *.tgz).\n\nAfter you select this file, this program will reflash your BIOS.\n\nDo you want to proceed?" 16 90) then mount_usb if grep -q /media /proc/mounts ; then - find /media ! -path '*/\.*' -type f -name '*.rom' | sort > /tmp/filelist.txt + find /media ! -path '*/\.*' -type f \( -name '*.rom' -o -name '*.tgz' \) | sort > /tmp/filelist.txt file_selector "/tmp/filelist.txt" "Choose the ROM to flash" if [ "$FILE" == "" ]; then return diff --git a/initrd/bin/flash.sh b/initrd/bin/flash.sh index 70d927f33..cc2ac0313 100755 --- a/initrd/bin/flash.sh +++ b/initrd/bin/flash.sh @@ -159,8 +159,41 @@ else fi if [ ! -e "$ROM" ]; then - die "Usage: $0 [-c|-r] " + die "Usage: $0 [-c|-r] " +fi + +if [ "$READ" -eq 0 ] && [ "${ROM##*.}" = tgz ]; then + if [ "${CONFIG_BOARD%_*}" = talos-2 ]; then + rm -rf /tmp/verified_rom + mkdir /tmp/verified_rom + + tar -C /tmp/verified_rom -xf $ROM + if ! (cd /tmp/verified_rom/ && sha256sum -cs hashes.txt); then + die "Provided tgz image did not pass hash verification" + fi + + echo "Reading current flash and building an update image" + flashrom $CONFIG_FLASHROM_OPTIONS -r /tmp/flash.sh.bak \ + || die "Read of flash has failed" + + # ROM and bootblock already have ECC + bootblock=$(echo /tmp/verified_rom/*.bootblock) + rom=$(echo /tmp/verified_rom/*.rom) + kernel=$(echo /tmp/verified_rom/*-zImage.bundled) + pnor /tmp/flash.sh.bak -aw HBB < $bootblock + pnor /tmp/flash.sh.bak -aw HBI < $rom + pnor /tmp/flash.sh.bak -aw BOOTKERNEL < $kernel + rm -rf /tmp/verified_rom + + ROM=/tmp/flash.sh.bak + else + die "$CONFIG_BOARD doesn't support tgz image format" + fi fi flash_rom $ROM + +# don't leave temporary files lying around +rm -f /tmp/flash.sh.bak + exit 0