leandrof/u-boot
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
fe8acf556c
u-boot/arch
History
Utkarsh Gupta fe8acf556c imx: HAB: Validate IVT before authenticating image 
Calling csf_is_valid() with an un-signed image may lead to data abort
as the CSF pointer could be pointing to a garbage address when accessed
in HAB_HDR_LEN(*(const struct hab_hdr *)(ulong)ivt_initial->csf).

Authenticate image from DDR location 0x80800000...
Check CSF for Write Data command before authenticating image
data abort
pc : [<fff5494c>]          lr : [<fff54910>]
reloc pc : [<8780294c>]    lr : [<87802910>]
sp : fdf45dc8  ip : 00000214     fp : 00000000
r10: fffb6170  r9 : fdf4fec0     r8 : 00722020
r7 : 80f20000  r6 : 80800000     r5 : 80800000  r4 : 00720000
r3 : 17a5aca3  r2 : 00000000     r1 : 80f2201f  r0 : 00000019
Flags: NzcV  IRQs off  FIQs off  Mode SVC_32
Resetting CPU ...

resetting ...

To avoid such errors during authentication process, validate IVT structure
by calling validate_ivt function which checks the following values in an IVT:

IVT_HEADER = 0x4X2000D1
ENTRY != 0x0
RES1 = 0x0
DCD = 0x0       /* Recommended */
SELF != 0x0     /* Absoulute address of IVT */
CSF != 0x0
RES2 = 0x0

This commit also checks if Image's start address is 4 byte aligned.

commit "0088d127 MLK-14945 HAB: Check if IVT valid before authenticating image"
removed as this patch addresses the issue.

Signed-off-by: Utkarsh Gupta <utkarsh.gupta@nxp.com>
Signed-off-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
2021-04-08 09:18:29 +02:00
..
arc reset: Remove addr parameter from reset_cpu() 2021-03-02 14:03:02 -05:00
arm imx: HAB: Validate IVT before authenticating image 2021-04-08 09:18:29 +02:00
m68k Merge branch '2021-02-02-drop-asm_global_data-when-unused' 2021-02-15 10:16:45 -05:00
microblaze common: Drop asm/global_data.h from common header 2021-02-02 15:33:42 -05:00
mips common: Drop asm/global_data.h from common header 2021-02-02 15:33:42 -05:00
nds32 reset: Remove addr parameter from reset_cpu() 2021-03-02 14:03:02 -05:00
nios2 common: Drop asm/global_data.h from common header 2021-02-02 15:33:42 -05:00
powerpc powerpc: t2080rdb: Enable RTC support 2021-03-23 18:06:07 +05:30
riscv cpu: Rename SPL_CPU_SUPPORT to SPL_CPU 2021-03-27 15:04:31 +13:00
sandbox sandbox: define __dyn_sym_start, dyn_sym_end 2021-03-27 16:26:48 +13:00
sh reset: Remove addr parameter from reset_cpu() 2021-03-02 14:03:02 -05:00
x86 x86: coral: Show memory config and SKU ID on startup 2021-03-27 16:26:48 +13:00
xtensa common: Drop asm/global_data.h from common header 2021-02-02 15:33:42 -05:00
.gitignore
Kconfig sandbox: imply SCP03 and CMD_SCP03 2021-03-14 11:50:16 -04:00
u-boot-elf.lds arch: Add explicit linker script for u-boot-elf 2020-04-03 11:52:55 -04:00