base-files: allow platform_check_image to prevent --force

Introduce special handling for return code 74 (EBADMSG) of platform_check_image which will mark the image as broken and hence not allow the user to override the check using the --force option. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2025-04-24 13:05:46 +00:00 · 2025-03-31 00:32:50 +01:00 · 2025-03-31 00:32:50 +01:00 · 5175d0a623
commit 5175d0a623
parent 370a9d5586
2 changed files with 13 additions and 2 deletions
--- a/package/base-files/files/sbin/sysupgrade
+++ b/package/base-files/files/sbin/sysupgrade
@ -384,8 +384,9 @@ json_load "$(/usr/libexec/validate_firmware_image "$IMAGE")" || {
 	exit 1
 }
 json_get_var valid "valid"
+json_get_var forceable "forceable"
 [ "$valid" -eq 0 ] && {
-	if [ $FORCE -eq 1 ]; then
+	if [ $FORCE -eq 1 ] && [ "$forceable" -eq 1 ]; then
 		echo "Image check failed but --force given - will update anyway!" >&2
 	else
 		echo "Image check failed." >&2
--- a/package/base-files/files/usr/libexec/validate_firmware_image
+++ b/package/base-files/files/usr/libexec/validate_firmware_image
@ -56,7 +56,17 @@ json_init
 		# Call platform_check_image() here so it can add its test
 		# results and still mark image properly.
 		json_set_namespace $old_ns
-		platform_check_image "$1" >&2 || notify_firmware_invalid
+		platform_check_image "$1" >&2
+		case "$?" in
+		0)
+			;;
+		74)
+			notify_firmware_broken
+			;;
+		*)
+			notify_firmware_invalid
+			;;
+		esac
 		json_set_namespace validate_firmware_image old_ns
 	json_close_object
 	json_add_boolean valid "$VALID"