summaryrefslogtreecommitdiffstats
path: root/arch
diff options
context:
space:
mode:
authorBryan O'Donoghue <bryan.odonoghue@linaro.org>2018-01-12 12:40:03 +0000
committerStefano Babic <sbabic@denx.de>2018-01-14 17:26:30 +0100
commit49b6d058826ec3c588897124601f434072de07cd (patch)
tree46c6fbeb2c097e6a39a474991768d1d004399e73 /arch
parentcd2d46003ce14b21cc323a075caf90012f4cd83d (diff)
downloadu-boot-49b6d058826ec3c588897124601f434072de07cd.tar.gz
u-boot-49b6d058826ec3c588897124601f434072de07cd.tar.xz
u-boot-49b6d058826ec3c588897124601f434072de07cd.zip
arm: imx: hab: Add IVT header verification
The IVT header contains a magic number, fixed length and one of two version identifiers. Validate these settings before doing anything with a putative IVT binary. Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Cc: Stefano Babic <sbabic@denx.de> Cc: Fabio Estevam <fabio.estevam@nxp.com> Cc: Peng Fan <peng.fan@nxp.com> Cc: Albert Aribaud <albert.u.boot@aribaud.net> Cc: Sven Ebenfeld <sven.ebenfeld@gmail.com> Cc: George McCollister <george.mccollister@gmail.com> Cc: Breno Matheus Lima <brenomatheus@gmail.com> Tested-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
Diffstat (limited to 'arch')
-rw-r--r--arch/arm/mach-imx/hab.c36
1 files changed, 34 insertions, 2 deletions
diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c
index 2a40d065dd..998d253f2c 100644
--- a/arch/arm/mach-imx/hab.c
+++ b/arch/arm/mach-imx/hab.c
@@ -80,6 +80,31 @@
static bool is_hab_enabled(void);
+static int ivt_header_error(const char *err_str, struct ivt_header *ivt_hdr)
+{
+ printf("%s magic=0x%x length=0x%02x version=0x%x\n", err_str,
+ ivt_hdr->magic, ivt_hdr->length, ivt_hdr->version);
+
+ return 1;
+}
+
+static int verify_ivt_header(struct ivt_header *ivt_hdr)
+{
+ int result = 0;
+
+ if (ivt_hdr->magic != IVT_HEADER_MAGIC)
+ result = ivt_header_error("bad magic", ivt_hdr);
+
+ if (be16_to_cpu(ivt_hdr->length) != IVT_TOTAL_LENGTH)
+ result = ivt_header_error("bad length", ivt_hdr);
+
+ if (ivt_hdr->version != IVT_HEADER_V1 &&
+ ivt_hdr->version != IVT_HEADER_V2)
+ result = ivt_header_error("bad version", ivt_hdr);
+
+ return result;
+}
+
#if !defined(CONFIG_SPL_BUILD)
#define MAX_RECORD_BYTES (8*1024) /* 4 kbytes */
@@ -394,6 +419,8 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size,
hab_rvt_authenticate_image_t *hab_rvt_authenticate_image;
hab_rvt_entry_t *hab_rvt_entry;
hab_rvt_exit_t *hab_rvt_exit;
+ struct ivt *ivt;
+ struct ivt_header *ivt_hdr;
hab_rvt_authenticate_image = hab_rvt_authenticate_image_p;
hab_rvt_entry = hab_rvt_entry_p;
@@ -416,6 +443,13 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size,
/* Calculate IVT address header */
ivt_addr = ddr_start + ivt_offset;
+ ivt = (struct ivt *)ivt_addr;
+ ivt_hdr = &ivt->hdr;
+
+ /* Verify IVT header bugging out on error */
+ if (verify_ivt_header(ivt_hdr))
+ goto hab_caam_clock_disable;
+
start = ddr_start;
bytes = image_size;
#ifdef DEBUG
@@ -435,8 +469,6 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size,
printf("\tivt_offset = 0x%x\n", ivt_offset);
printf("\tstart = 0x%08lx\n", start);
printf("\tbytes = 0x%x\n", bytes);
-#else
- (void)ivt_addr;
#endif
/*
* If the MMU is enabled, we have to notify the ROM