diff options
author | Ye Li <ye.li@nxp.com> | 2017-05-17 22:03:07 -0500 |
---|---|---|
committer | Ye Li <ye.li@nxp.com> | 2017-05-22 03:55:35 -0500 |
commit | 965249c753cb56df48de578ed97a294ab88fb597 (patch) | |
tree | 3695372d0b7688f58dc64249d7ecf95b7bfe0840 | |
parent | 950b322fb0cc2fab8fe7418b952bb4f7ab19554c (diff) | |
download | u-boot-imx-965249c753cb56df48de578ed97a294ab88fb597.zip u-boot-imx-965249c753cb56df48de578ed97a294ab88fb597.tar.gz u-boot-imx-965249c753cb56df48de578ed97a294ab88fb597.tar.bz2 |
MLK-14945 HAB: Check IVT DCD pointer before authenticating image
To avoid security leak, check the IVT DCD pointer before authenticating
the kernel image. If the pointer is not 0, set back it to 0 and give a warning
like the log below.
Authenticate image from DDR location 0x80800000...
Warning, DCD pointer must be 0
Signed-off-by: Ye Li <ye.li@nxp.com>
(cherry picked from commit 083daef8d9206d53fb4fa9807f37b8ff5dc319c7)
-rw-r--r-- | arch/arm/imx-common/hab.c | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/arch/arm/imx-common/hab.c b/arch/arm/imx-common/hab.c index 523d0e3..e332c2b 100644 --- a/arch/arm/imx-common/hab.c +++ b/arch/arm/imx-common/hab.c @@ -488,6 +488,17 @@ uint32_t authenticate_image(uint32_t ddr_start, uint32_t image_size) } } + /* Clear the DCD pointer if it is not 0 */ + unsigned char *dcd_ptr = (unsigned char *)(ddr_start + ivt_offset + 0xC); + do { + if (*dcd_ptr) { + puts("Warning, DCD pointer must be 0\n"); + memset((void *)(ddr_start + ivt_offset + 0xC), 0, 4); + break; + } + dcd_ptr++; + } while (dcd_ptr < (unsigned char *)(ddr_start + ivt_offset + 0x10)); + load_addr = (uint32_t)hab_rvt_authenticate_image( HAB_CID_UBOOT, ivt_offset, (void **)&start, |