LM
/
u-boot
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

MLK-20798 imx8: spl: Fix container header parser issue 

Current container parser only load 0x400 as container header size.
However, the signature block in container header may exceed 0x400 size,
when using certificate or 4096bits RSA keys to sign image, so we
have to load the entire header according to container length field.
Otherwise the container authentication will fail

Signed-off-by: Ye Li <ye.li@nxp.com>
Reviewed-by: Peng Fan <peng.fan@nxp.com>
This commit is contained in:
Ye Li 2019-01-22 05:07:33 -08:00
parent abef8ce6c2
commit f435435f2e
1 changed files with 20 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
arch/arm/mach-imx/imx8/parser.c
View File

@ -187,8 +187,10 @@ static int read_auth_container(struct spl_image_info *spl_image)
return -ENOMEM;
ret = read(start_offset, CONTAINER_HDR_ALIGNMENT, (void *)container);
if (ret)
return ret;
if (ret) {
printf("Error in read container %d\n", ret);
goto out;
}
if (container->tag != 0x87 && container->version != 0x0) {
printf("Wrong container header\n");
@ -205,6 +207,22 @@ static int read_auth_container(struct spl_image_info *spl_image)
length = container->length_lsb + (container->length_msb << 8);
debug("container length %u\n", length);
if (length > CONTAINER_HDR_ALIGNMENT) {
length = ALIGN(length, CONTAINER_HDR_ALIGNMENT);
free(container);
container = malloc(length);
if (!container)
return -ENOMEM;
ret = read(start_offset, length, (void *)container);
if (ret) {
printf("Error in read full container %d\n", ret);
goto out;
}
}
memcpy((void *)SEC_SECURE_RAM_BASE, (const void *)container,
ALIGN(length, CONFIG_SYS_CACHELINE_SIZE));