Commit c6f1a810082bfd1934f4efe54ffaa607e504112e

Authored by Ye Li
1 parent 58a48836d8

MLK-20933 imx8: ahab: Check image address before using it

Check that the OS container image address belongs to valid DRAM memory
before accessing it, to avoid a u-boot crash on an invalid address.

Also refine the error print.

Signed-off-by: Ye Li <ye.li@nxp.com>
Reviewed-by: Peng Fan <peng.fan@nxp.com>
(cherry picked from commit f40dc07b3df9ad71ea501c77a19924361b133de7)

Showing 1 changed file with 31 additions and 8 deletions

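--- a/arch/arm/mach-imx/imx8/ahab.c
+++ b/arch/arm/mach-imx/imx8/ahab.c
@@ -24,6 +24,22 @@
 
 #define SECO_PT 2U
 
+static inline bool check_in_dram(ulong addr)
+{
+ int i;
+ bd_t *bd = gd->bd;
+
+ for (i = 0; i < CONFIG_NR_DRAM_BANKS; ++i) {
+ if (bd->bi_dram[i].size) {
+ if (addr >= bd->bi_dram[i].start &&
+ addr < (bd->bi_dram[i].start + bd->bi_dram[i].size))
+ return true;
+ }
+ }
+
+ return false;
+}
+
 int authenticate_os_container(ulong addr)
 {
 struct container_hdr *phdr;
@@ -34,17 +50,24 @@
 sc_faddr_t start, end;
 uint16_t length;
 
- if (addr % 4)
+ if (addr % 4) {
+ puts("Error: Image's address is not 4 byte aligned\n");
 return -EINVAL;
+ }
 
+ if (!check_in_dram(addr)) {
+ puts("Error: Image's address is invalid \n");
+ return -EINVAL;
+ }
+
 phdr = (struct container_hdr *)addr;
 if (phdr->tag != 0x87 && phdr->version != 0x0) {
- printf("Wrong container header\n");
+ printf("Error: Wrong container header\n");
 return -EFAULT;
 }
 
 if (!phdr->num_images) {
- printf("Wrong container, no image found\n");
+ printf("Error: Wrong container, no image found\n");
 return -EFAULT;
 }
 
@@ -55,7 +78,7 @@
 
 err = sc_seco_authenticate(ipcHndl, SC_MISC_AUTH_CONTAINER, SECO_LOCAL_SEC_SEC_SECURE_RAM_BASE);
 if (err) {
- printf("authenticate container hdr failed, return %d\n", err);
+ printf("Error: authenticate container hdr failed, return %d\n", err);
 ret = -EIO;
 goto exit;
 }
@@ -75,7 +98,7 @@
 img->dst & ~(CONFIG_SYS_CACHELINE_SIZE - 1), ALIGN(img->dst + img->size, CONFIG_SYS_CACHELINE_SIZE));
 
 if (err) {
- printf("can't find memreg for image load address %d, error %d\n", i, err);
+ printf("Error: can't find memreg for image load address %d, error %d\n", i, err);
 ret = -ENOMEM;
 goto exit;
 }
@@ -86,20 +109,20 @@
 
 err = sc_rm_set_memreg_permissions(ipcHndl, mr, SECO_PT, SC_RM_PERM_FULL);
 if (err) {
- printf("set permission failed for img %d, error %d\n", i, err);
+ printf("Error: set permission failed for img %d, error %d\n", i, err);
 ret = -EPERM;
 goto exit;
 }
 
 err = sc_seco_authenticate(ipcHndl, SC_MISC_VERIFY_IMAGE, (1 << i));
 if (err) {
- printf("authenticate img %d failed, return %d\n", i, err);
+ printf("Error: authenticate img %d failed, return %d\n", i, err);
 ret = -EIO;
 }
 
 err = sc_rm_set_memreg_permissions(ipcHndl, mr, SECO_PT, SC_RM_PERM_NONE);
 if (err) {
- printf("remove permission failed for img %d, error %d\n", i, err);
+ printf("Error: remove permission failed for img %d, error %d\n", i, err);
 ret = -EPERM;
 }
 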
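Review bot: `check_in_dram(addr)` validates only the first byte of the container, so an address within the last few bytes of a DRAM bank passes and the `phdr->tag` / `phdr->num_images` reads that follow can still run past the end of DRAM. The check should cover the whole header, for example `if (!check_in_dram(addr) || !check_in_dram(addr + sizeof(struct container_hdr) - 1))`, and any later access sized by the header's `length` field (declared in this function, used outside the visible hunks) presumably needs the same bound. Separately, the unchanged test `phdr->tag != 0x87 && phdr->version != 0x0` rejects a header only when both fields are wrong; `||` looks like the intent. `authenticate_os_container` continues outside the hunks shown.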