Commit f435435f2e8367dc3f689d6ba946441a54acad0a
1 parent
abef8ce6c2
Exists in
smarc_8mm-imx_v2018.03_4.14.98_2.0.0_ga
and in
4 other branches
MLK-20798 imx8: spl: Fix container header parser issue
Current container parser only load 0x400 as container header size. However, the signature block in container header may exceed 0x400 size, when using certificate or 4096bits RSA keys to sign image, so we have to load the entire header according to container length field. Otherwise the container authentication will fail Signed-off-by: Ye Li <ye.li@nxp.com> Reviewed-by: Peng Fan <peng.fan@nxp.com>
Showing 1 changed file with 20 additions and 2 deletions Side-by-side Diff
arch/arm/mach-imx/imx8/parser.c
... | ... | @@ -187,8 +187,10 @@ |
187 | 187 | return -ENOMEM; |
188 | 188 | |
189 | 189 | ret = read(start_offset, CONTAINER_HDR_ALIGNMENT, (void *)container); |
190 | - if (ret) | |
191 | - return ret; | |
190 | + if (ret) { | |
191 | + printf("Error in read container %d\n", ret); | |
192 | + goto out; | |
193 | + } | |
192 | 194 | |
193 | 195 | if (container->tag != 0x87 && container->version != 0x0) { |
194 | 196 | printf("Wrong container header\n"); |
... | ... | @@ -205,6 +207,22 @@ |
205 | 207 | length = container->length_lsb + (container->length_msb << 8); |
206 | 208 | |
207 | 209 | debug("container length %u\n", length); |
210 | + | |
211 | + if (length > CONTAINER_HDR_ALIGNMENT) { | |
212 | + length = ALIGN(length, CONTAINER_HDR_ALIGNMENT); | |
213 | + | |
214 | + free(container); | |
215 | + container = malloc(length); | |
216 | + if (!container) | |
217 | + return -ENOMEM; | |
218 | + | |
219 | + ret = read(start_offset, length, (void *)container); | |
220 | + if (ret) { | |
221 | + printf("Error in read full container %d\n", ret); | |
222 | + goto out; | |
223 | + } | |
224 | + } | |
225 | + | |
208 | 226 | memcpy((void *)SEC_SECURE_RAM_BASE, (const void *)container, |
209 | 227 | ALIGN(length, CONFIG_SYS_CACHELINE_SIZE)); |
210 | 228 |