Closed mpv89 closed 5 years ago
My only main note is that regardless of method, the whole thing must be checksum-validated. It sounds like it may be easier to do that by external sha256sum than this, but as long as we ensure every partition (+headers) are validated by some checksum, it should be fine.
tl;dr: We do need to refuse images that contain non-checksumed partitions.
Since we intend to generate BOOT.BIN correctly from the Makefile, this shouldn't add confusion for end-users.
In commit ba81059bc41d0f11c69bc99e2ac83b7295ca67b8 a few functions were added to do validation of incoming bin files either via FTP or UART.
Only simple checks are performed at this stage and the following are recommended to be added: