brain-hackers_pepepper-mirror/u-boot-brain
1
0
Fork 0
mirror of https://github.com/brain-hackers/u-boot-brain synced 2024-10-06 11:30:47 +09:00
Code Issues Projects Releases Wiki Activity
fe8acf556c
u-boot-brain/arch/arm/mach-imx
History
Utkarsh Gupta fe8acf556c imx: HAB: Validate IVT before authenticating image 
Calling csf_is_valid() with an un-signed image may lead to data abort
as the CSF pointer could be pointing to a garbage address when accessed
in HAB_HDR_LEN(*(const struct hab_hdr *)(ulong)ivt_initial->csf).

Authenticate image from DDR location 0x80800000...
Check CSF for Write Data command before authenticating image
data abort
pc : [<fff5494c>]          lr : [<fff54910>]
reloc pc : [<8780294c>]    lr : [<87802910>]
sp : fdf45dc8  ip : 00000214     fp : 00000000
r10: fffb6170  r9 : fdf4fec0     r8 : 00722020
r7 : 80f20000  r6 : 80800000     r5 : 80800000  r4 : 00720000
r3 : 17a5aca3  r2 : 00000000     r1 : 80f2201f  r0 : 00000019
Flags: NzcV  IRQs off  FIQs off  Mode SVC_32
Resetting CPU ...

resetting ...

To avoid such errors during authentication process, validate IVT structure
by calling validate_ivt function which checks the following values in an IVT:

IVT_HEADER = 0x4X2000D1
ENTRY != 0x0
RES1 = 0x0
DCD = 0x0       /* Recommended */
SELF != 0x0     /* Absoulute address of IVT */
CSF != 0x0
RES2 = 0x0

This commit also checks if Image's start address is 4 byte aligned.

commit "0088d127 MLK-14945 HAB: Check if IVT valid before authenticating image"
removed as this patch addresses the issue.

Signed-off-by: Utkarsh Gupta <utkarsh.gupta@nxp.com>
Signed-off-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
2021-04-08 09:18:29 +02:00
..
imx8 common: Drop asm/global_data.h from common header 2021-02-02 15:33:42 -05:00
imx8m iMX8MQ: Recognize the B2 revision 2021-04-08 09:18:29 +02:00
imxrt common: Drop linux/bitops.h from common header 2020-05-18 21:19:23 -04:00
mx2 arm: Remove mx25pdk board 2021-02-25 11:59:05 -05:00
mx3 arm: Remove mx31pdk board 2020-07-09 20:58:06 +05:30
mx5 arm: Remove mx53smd board 2021-02-25 11:59:06 -05:00
mx6 ARM: mx6: Add function to set serial# 2021-03-01 10:21:36 +01:00
mx7 common: Drop asm/global_data.h from common header 2021-02-02 15:33:42 -05:00
mx7ulp reset: Remove addr parameter from reset_cpu() 2021-03-02 14:03:02 -05:00
mxs arm: Remove apx4devkit board 2021-02-15 10:11:37 -05:00
cache.c common: Drop net.h from common header 2020-05-18 17:33:31 -04:00
cmd_bmode.c ARM: imx: Add support for reading out the primary/secondary bmode 2020-08-17 17:55:17 +02:00
cmd_dek.c imx: Avoid hardcoded Job Ring Max size 2021-04-08 09:18:29 +02:00
cmd_hdmidet.c command: Remove the cmd_tbl_t typedef 2020-05-18 18:36:55 -04:00
cmd_mfgprot.c imx: Avoid hardcoded Job Ring Max size 2021-04-08 09:18:29 +02:00
cmd_nandbcb.c nandbcb: nand support for i.MX8MP 2021-01-23 11:30:31 +01:00
cpu.c imx8mn: Add support for 11x11 UltraLite part number 2021-04-08 09:18:29 +02:00
ddrmc-vf610-calibration.c common: Drop log.h from common header 2020-05-18 21:19:18 -04:00
ddrmc-vf610-calibration.h ddr: vybrid: Provide code to perform on-boot calibration 2019-02-15 12:16:50 +01:00
ddrmc-vf610.c common: Drop linux/delay.h from common header 2020-05-18 21:19:23 -04:00
hab.c imx: HAB: Validate IVT before authenticating image 2021-04-08 09:18:29 +02:00
i2c-mxv7.c dm: i2c: use CONFIG_IS_ENABLED macro for DM_I2C/DM_I2C_GPIO 2021-02-21 06:08:00 +01:00
imx_bootaux.c imx: bootaux: use arm_smccc_smc 2020-07-14 15:23:46 +08:00
init.c ARM: imx: Add support for switching primary/secondary boot mode to bmode 2020-08-17 17:54:01 +02:00
iomux-v3.c SPDX: Convert all of our single license tags to Linux Kernel style 2018-05-07 09:34:12 -04:00
Kconfig imx: imx7 Support for Manufacturing Protection 2021-04-08 09:18:29 +02:00
lowlevel.S imx: add lowlevel init for ARM64 2019-04-25 19:16:24 +02:00
mac.c SPDX: Convert all of our single license tags to Linux Kernel style 2018-05-07 09:34:12 -04:00
Makefile imx: imx7 Support for Manufacturing Protection 2021-04-08 09:18:29 +02:00
misc.c common: Drop asm/global_data.h from common header 2021-02-02 15:33:42 -05:00
mkimage_fit_atf.sh imx: move ATF to the back of the FIT to fix loading over yModem 2020-06-08 10:41:38 +02:00
mmc_env.c Revert "imx: mmc_env: update runtime SD/MMC boot env device" 2019-10-08 16:36:37 +02:00
mmdc_size.c imx: mmdc_size: Allow building it for i.MX7ULP 2019-10-14 09:31:41 +02:00
rdc-sema.c SPDX: Convert all of our single license tags to Linux Kernel style 2018-05-07 09:34:12 -04:00
sata.c arm: Don't include common.h in header files 2020-05-18 14:54:24 -04:00
speed.c common: Drop asm/global_data.h from common header 2021-02-02 15:33:42 -05:00
spl_imx_romapi.c common: Drop asm/global_data.h from common header 2021-02-02 15:33:42 -05:00
spl_qspi.cfg arm: imx: Finish migration from CONFIG_SECURE_BOOT to CONFIG_IMX_HAB 2020-06-26 10:29:06 -04:00
spl_sd.cfg imx: replace CONFIG_SECURE_BOOT with CONFIG_IMX_HAB 2019-10-08 16:36:37 +02:00
spl.c spl: fit: Drop 'length' argument to board_spl_fit_post_load() 2021-02-17 17:12:45 -05:00
syscounter.c common: Drop asm/global_data.h from common header 2021-02-02 15:33:42 -05:00
timer.c common: Drop asm/global_data.h from common header 2021-02-02 15:33:42 -05:00
video.c env: Move env_get() to env.h 2019-08-11 16:43:41 -04:00