From 4d0985295bbb50a952f4312c0a818cd89b8ee7aa Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Thu, 13 Jun 2013 15:10:09 -0700 Subject: image: Add support for signing of FIT configurations While signing images is useful, it does not provide complete protection against several types of attack. For example, it it possible to create a FIT with the same signed images, but with the configuration changed such that a different one is selected (mix and match attack). It is also possible to substitute a signed image from an older FIT version into a newer FIT (roll-back attack). Add support for signing of FIT configurations using the libfdt's region support. Please see doc/uImage.FIT/signature.txt for more information. Signed-off-by: Simon Glass --- include/image.h | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) (limited to 'include/image.h') diff --git a/include/image.h b/include/image.h index da7b9a0..2614918 100644 --- a/include/image.h +++ b/include/image.h @@ -964,6 +964,22 @@ int fit_image_verify_required_sigs(const void *fit, int image_noffset, int fit_image_check_sig(const void *fit, int noffset, const void *data, size_t size, int required_keynode, char **err_msgp); +/** + * fit_region_make_list() - Make a list of regions to hash + * + * Given a list of FIT regions (offset, size) provided by libfdt, create + * a list of regions (void *, size) for use by the signature creationg + * and verification code. + * + * @fit: FIT image to process + * @fdt_regions: Regions as returned by libfdt + * @count: Number of regions returned by libfdt + * @region: Place to put list of regions (NULL to allocate it) + * @return pointer to list of regions, or NULL if out of memory + */ +struct image_region *fit_region_make_list(const void *fit, + struct fdt_region *fdt_regions, int count, + struct image_region *region); static inline int fit_image_check_target_arch(const void *fdt, int node) { -- cgit v1.1