[U-Boot] U-Boot Hole in Verified Boot
Larry.Gass at microchip.com
Tue May 1 21:33:13 UTC 2018
This is my first post to the U-Boot mailing list so if I'm doing it wrong I apologize in advance and would welcome feedback.
I was able to bypass the SHA+RSA check of an image by performing a "fdt checksign" followed by a load of an unsigned image, even though I have 'required="conf"' in my control FDT.
Below, I have 2 images. linuxnosec.itb is not signed. linux.itb IS signed correctly.
How do I report the bug?
Thanks,
Larry
------------------------------------------------------------------------------------------------
Good behavior:
=> fatload mmc 1:1 0x20000000 linuxnosec.itb
4989282 bytes read in 331 ms (14.4 MiB/s)
=> bootm 0x20000000
## Loading kernel from FIT Image at 20000000 ...
Using 'conf at 1' configuration
Verifying Hash Integrity ... sha256,rsa4096:samkey- Failed to verify required signature 'key-samkey'
Bad Data Hash
ERROR: can't get kernel image!
=>
-------------------------------------------------------------------------------------------------
How to bypass the signature check:
=> fatload mmc 1:1 0x20000000 linux.itb
4975090 bytes read in 330 ms (14.4 MiB/s)
=> bdinfo
arch_number = 0x00000000
boot_params = 0x20000100
DRAM bank = 0x00000000
-> start = 0x20000000
-> size = 0x20000000
baudrate = 115200 bps
TLB addr = 0x3FFF0000
relocaddr = 0x3FD58000
reloc off = 0x18E58000
irq_sp = 0x3F952FB0
sp start = 0x3F952FA0
Early malloc usage: 14f0 / 2000
fdt_blob = 3f952fc8
=> fdt addr 0x3f952fc8
=> fdt check 0x20000000
=> fatload mmc 1:1 0x20000000 linuxnosec.itb
4989282 bytes read in 332 ms (14.3 MiB/s)
=> bootm 0x20000000
## Loading kernel from FIT Image at 20000000 ...
Using 'conf at 1' configuration
Verifying Hash Integrity ... OK
Trying 'kernel at 1' kernel subimage
Description: unavailable
Type: Kernel Image
Compression: uncompressed
Data Start: 0x200000c4
Data Size: 4937752 Bytes = 4.7 MiB
Architecture: ARM
OS: Linux
Load Address: 0x21000000
Entry Point: 0x21000000
Hash algo: sha256
Hash value: a6fa3b9d6b8ec4e302130b56a95dfdbcb5845980a6cd8fbf7de1f21dafaa3229
Verifying Hash Integrity ... sha256+ OK
## Loading fdt from FIT Image at 20000000 ...
Using 'conf at 1' configuration
Trying 'fdt at 1' fdt subimage
Description: unavailable
Type: Flat Device Tree
Compression: uncompressed
Data Start: 0x204b59b4
Data Size: 33480 Bytes = 32.7 KiB
Architecture: ARM
Hash algo: sha256
Hash value: 4e338db79f27d05fc666aaffce73c5e03562562da7b59913eec2b374aaef4b07
Verifying Hash Integrity ... sha256+ OK
Booting using the fdt blob at 0x204b59b4
Loading Kernel Image ... OK
Loading Device Tree to 3f946000, end 3f9512c7 ... OK
Starting kernel ...
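
The two transcripts above differ at the configuration-level "Verifying Hash Integrity" line: the rejected boot names the key with a "-", while the bypassed boot prints a bare "OK" with no signature listed. The following is an added example, not part of the original post and not U-Boot code, that checks captured console logs for that symptom. The function and variable names are hypothetical, and the "samkey+ OK" line in SIGNED_LOG is a constructed sample that assumes U-Boot's usual success format.

```python
import re

CONF_RE = re.compile(r"Using '([^']+)' configuration")
# One signature result, e.g. "sha256,rsa4096:samkey+" (verified) or "...samkey-" (failed).
SIG_RE = re.compile(r"\w+,\w+:(\S+?)([+-])(?=\s|$)")

def audit_boot_log(log, required_key):
    """Return (config, verdict) for every configuration-level check in a console log."""
    lines = [ln.strip() for ln in log.splitlines()]
    findings = []
    for line, nxt in zip(lines, lines[1:]):
        conf = CONF_RE.search(line)
        # Only the first "Using ..." line is followed by the configuration check;
        # the later one (fdt) goes straight to "Trying ...".
        if not conf or not nxt.startswith("Verifying Hash Integrity"):
            continue
        sigs = {key: mark for key, mark in SIG_RE.findall(nxt)}
        if sigs.get(required_key) == "+":
            verdict = "signed-ok"
        elif nxt.endswith("OK"):
            verdict = "accepted-without-required-signature"
        else:
            verdict = "rejected"
        findings.append((conf.group(1), verdict))
    return findings

# Lines copied (abbreviated) from the post's two transcripts.
REJECTED_LOG = """\
## Loading kernel from FIT Image at 20000000 ...
Using 'conf at 1' configuration
Verifying Hash Integrity ... sha256,rsa4096:samkey- Failed to verify required signature 'key-samkey'
Bad Data Hash
"""
BYPASS_LOG = """\
## Loading kernel from FIT Image at 20000000 ...
Using 'conf at 1' configuration
Verifying Hash Integrity ... OK
Trying 'kernel at 1' kernel subimage
Verifying Hash Integrity ... sha256+ OK
## Loading fdt from FIT Image at 20000000 ...
Using 'conf at 1' configuration
Trying 'fdt at 1' fdt subimage
Verifying Hash Integrity ... sha256+ OK
"""
# Constructed sample: what a correctly signed configuration is assumed to print.
SIGNED_LOG = "Using 'conf at 1' configuration\nVerifying Hash Integrity ... sha256,rsa4096:samkey+ OK\n"
if __name__ == "__main__":
    for name, log in [("rejected", REJECTED_LOG), ("bypass", BYPASS_LOG), ("signed", SIGNED_LOG)]:
        print(name, audit_boot_log(log, "samkey"))
```

Image-level lines such as "sha256+ OK" are ignored on purpose: they show only a hash match, which an unsigned image also passes.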