[PATCH] spl: Add callback for preprocessing loaded FIT header before parsing
Farhan Ali
farhan.ali at broadcom.com
Thu Feb 25 00:25:31 CET 2021
This change adds a callback for preprocessing the FIT header before
it is parsed. There are 3 main reasons for this callback:
(1) If a vulnerability is discovered in the FIT parsing/loading code,
or libfdt, this callback allows users to scan the FIT header for
specific exploit signatures and prevent flashing/booting of the image.
(2) If users want to implement a single signature which covers the
entire FIT header, which is then appended to the end of the header,
then this callback can be used to authenticate that signature.
(3) If users want to check the FIT header contents against specific
metadata stored outside the FIT header, then this callback allows
them to do that.
Signed-off-by: Farhan Ali <farhan.ali at broadcom.com>
---
Cc: Simon Glass <sjg at chromium.org>
Cc: Alexandru Gagniuc <mr.nuke.me at gmail.com>
Cc: Marek Vasut <marex at denx.de>
Cc: Michal Simek <michal.simek at xilinx.com>
Cc: Philippe Reynes <philippe.reynes at softathome.com>
Cc: Samuel Holland <samuel at sholland.org>
common/spl/spl_fit.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/common/spl/spl_fit.c b/common/spl/spl_fit.c
index 75c8ff0..e03c67b 100644
--- a/common/spl/spl_fit.c
+++ b/common/spl/spl_fit.c
@@ -43,6 +43,12 @@ __weak ulong board_spl_fit_size_align(ulong size)
return size;
}
+__weak void board_spl_fit_pre_load(struct spl_load_info *load_info, void *fit,
+ ulong start_sector,
+ ulong loaded_sector_count)
+{
+}
+
static int find_node_from_desc(const void *fit, int node, const char *str)
{
int child;
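Review bot: board_spl_fit_pre_load() is declared void, so a board override has no way to report that the header failed its check; the use cases in the commit message (blocking a boot, authenticating a header signature, comparing against external metadata) all need a reject path. Consider returning int and letting the caller propagate a non-zero result instead of forcing overrides to hang or reset from inside the hook. The hook also receives sector numbers but no byte length for the buffer behind fit, so an override has to work out its own bounds before scanning. Since the diffstat touches only common/spl/spl_fit.c, a prototype with a doc comment in a shared header would give board code something to build against.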
@@ -552,6 +558,9 @@ static int spl_simple_fit_read(struct spl_fit_info *ctx,
debug("fit read sector %lx, sectors=%d, dst=%p, count=%lu, size=0x%lx\n",
sector, sectors, buf, count, size);
+ /* preprocess loaded fit header before parsing and loading binaries */
+ board_spl_fit_pre_load(info, fit_header, sector, sectors);
+
return (count == 0) ? -EIO : 0;
}
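Review bot: the call to board_spl_fit_pre_load() sits above the "return (count == 0) ? -EIO : 0;" line, so the hook runs on fit_header even when the read produced nothing and the function is about to return -EIO. Move the call behind the count check (or guard it with count != 0) so an override never inspects a buffer that was not filled. The fourth argument is sectors while the parameter is named loaded_sector_count; if count is what the read actually returned, that is the value that matches the name. The hook's result is also discarded here, so nothing it detects can change the return value of spl_simple_fit_read().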
--
1.8.3.1