Eric Lee / smarc-uboot

Download as
Browse Code ยป

Commit 965249c753cb56df48de578ed97a294ab88fb597

Authored by Ye Li
1 parent 950b322fb0
Exists in smarc-n7.1.2_2.0.0-ga and in 2 other branches smarc-imx7_v2017.03_4.9.11_1.0.0_ga, smarc-imx_v2017.03_4.9.11_1.0.0_ga

MLK-14945 HAB: Check IVT DCD pointer before authenticating image 

To avoid security leak, check the IVT DCD pointer before authenticating
the kernel image. If the pointer is not 0, set back it to 0 and give a warning
like the log below.

	Authenticate image from DDR location 0x80800000...
	Warning, DCD pointer must be 0

Signed-off-by: Ye Li <ye.li@nxp.com>
(cherry picked from commit 083daef8d9206d53fb4fa9807f37b8ff5dc319c7)

Showing 1 changed file with 11 additions and 0 deletions Side-by-side Diff

arch/arm/imx-common/hab.c
Diff comments   View file @ 965249c
... ... @@ -488,6 +488,17 @@
488 488 }
489 489 }
490 490  
  491 + /* Clear the DCD pointer if it is not 0 */
  492 + unsigned char *dcd_ptr = (unsigned char *)(ddr_start + ivt_offset + 0xC);
  493 + do {
  494 + if (*dcd_ptr) {
  495 + puts("Warning, DCD pointer must be 0\n");
  496 + memset((void *)(ddr_start + ivt_offset + 0xC), 0, 4);
  497 + break;
  498 + }
  499 + dcd_ptr++;
  500 + } while (dcd_ptr < (unsigned char *)(ddr_start + ivt_offset + 0x10));
  501 +
491 502 load_addr = (uint32_t)hab_rvt_authenticate_image(
492 503 HAB_CID_UBOOT,
493 504 ivt_offset, (void **)&start,