From 965249c753cb56df48de578ed97a294ab88fb597 Mon Sep 17 00:00:00 2001
From: Ye Li
Date: Wed, 17 May 2017 22:03:07 -0500
Subject: MLK-14945 HAB: Check IVT DCD pointer before authenticating image

To avoid security leak, check the IVT DCD pointer before authenticating the kernel image. If the pointer is not 0, set back it to 0 and give a warning like the log below.

Authenticate image from DDR location 0x80800000...
Warning, DCD pointer must be 0

Signed-off-by: Ye Li
(cherry picked from commit 083daef8d9206d53fb4fa9807f37b8ff5dc319c7)
---
 arch/arm/imx-common/hab.c | 11 +++++++++++
 1 file changed, 11 insertions(+)
(limited to 'arch/arm')

diff --git a/arch/arm/imx-common/hab.c b/arch/arm/imx-common/hab.c
index 523d0e3..e332c2b 100644
--- a/arch/arm/imx-common/hab.c
+++ b/arch/arm/imx-common/hab.c
@@ -488,6 +488,17 @@ uint32_t authenticate_image(uint32_t ddr_start, uint32_t image_size)
 }
 }
 
+ /* Clear the DCD pointer if it is not 0 */
+ unsigned char *dcd_ptr = (unsigned char *)(ddr_start + ivt_offset + 0xC);
+ do {
+ if (*dcd_ptr) {
+ puts("Warning, DCD pointer must be 0\n");
+ memset((void *)(ddr_start + ivt_offset + 0xC), 0, 4);
+ break;
+ }
+ dcd_ptr++;
+ } while (dcd_ptr < (unsigned char *)(ddr_start + ivt_offset + 0x10));
+
 load_addr = (uint32_t)hab_rvt_authenticate_image(
 HAB_CID_UBOOT, ivt_offset, (void **)&start,
--
cgit v1.1
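Review bot: A non-zero DCD pointer is handled fail-open in the added block: it prints a warning, zeroes the field in place and still proceeds to `hab_rvt_authenticate_image()`, so a malformed or tampered IVT is silently repaired rather than rejected. Consider treating it as an authentication failure and taking the function's existing error return before the HAB call; that path lies outside this hunk, so the exact exit cannot be quoted here. Separately, the offsets `0xC` and `0x10` are repeated as magic numbers and the byte-wise `do`/`while` only tests whether a 4-byte field is zero, so a named constant for the DCD field offset and size would make the intent auditable. The comment could also state the reason rather than the action, e.g. `/* A post-boot image must not carry a DCD: presumably HAB would act on it during authentication */`, with the rationale confirmed against the HAB documentation.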