[PATCH u-boot-marvell 04/13] tools: kwboot: Validate 4-byte image data checksum

Marek Behún kabel at kernel.org
Mon Oct 25 15:12:55 CEST 2021


From: Pali Rohár <pali at kernel.org>

Data part of the image contains 4-byte checksum. Validate it when
processing the image.

Signed-off-by: Pali Rohár <pali at kernel.org>
[ refactored ]
Signed-off-by: Marek Behún <marek.behun at nic.cz>
---
 tools/kwboot.c | 34 ++++++++++++++++++++++++++++++++++
 1 file changed, 34 insertions(+)

diff --git a/tools/kwboot.c b/tools/kwboot.c
index 4e29317f10..bc44301535 100644
--- a/tools/kwboot.c
+++ b/tools/kwboot.c
@@ -1251,6 +1251,37 @@ kwboot_hdr_csum8(const void *hdr)
 	return csum;
 }
 
+static uint32_t *
+kwboot_img_csum32_ptr(void *img)
+{
+	struct main_hdr_v1 *hdr = img;
+	uint32_t datasz;
+
+	datasz = le32_to_cpu(hdr->blocksize) - sizeof(uint32_t);
+
+	return img + le32_to_cpu(hdr->srcaddr) + datasz;
+}
+
+static uint32_t
+kwboot_img_csum32(const void *img)
+{
+	const struct main_hdr_v1 *hdr = img;
+	uint32_t datasz, csum = 0;
+	const uint32_t *data;
+
+	datasz = le32_to_cpu(hdr->blocksize) - sizeof(csum);
+	if (datasz % sizeof(uint32_t))
+		return 0;
+
+	data = img + le32_to_cpu(hdr->srcaddr);
+	while (datasz > 0) {
+		csum += le32_to_cpu(*data++);
+		datasz -= 4;
+	}
+
+	return cpu_to_le32(csum);
+}
+
 static int
 kwboot_img_is_secure(void *img)
 {
@@ -1462,6 +1493,9 @@ kwboot_img_patch(void *img, size_t *size, int baudrate)
 	    *size < le32_to_cpu(hdr->srcaddr) + le32_to_cpu(hdr->blocksize))
 		goto err;
 
+	if (kwboot_img_csum32(img) != *kwboot_img_csum32_ptr(img))
+		goto err;
+
 	is_secure = kwboot_img_is_secure(img);
 
 	if (hdr->blockid != IBR_HDR_UART_ID) {
-- 
2.32.0



More information about the U-Boot mailing list