[PATCH] common: avb_verify: prevent opening incorrect session

Ivan Khoronzhuk ivan.khoronzhuk at gmail.com
Sun Jan 22 03:41:30 CET 2023


The arg->session is not valid if arg->ret != NULL, so can't be
assigned. Leave retry for just "ret" error to save same behaviour.

Signed-off-by: Ivan Khoronzhuk <ivan.khoronzhuk at gmail.com>
---
 common/avb_verify.c | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/common/avb_verify.c b/common/avb_verify.c
index 0520a71455..05d5a97896 100644
--- a/common/avb_verify.c
+++ b/common/avb_verify.c
@@ -619,10 +619,14 @@ static int get_open_session(struct AvbOpsData *ops_data)
 		memset(&arg, 0, sizeof(arg));
 		tee_optee_ta_uuid_to_octets(arg.uuid, &uuid);
 		rc = tee_open_session(tee, &arg, 0, NULL);
-		if (!rc) {
-			ops_data->tee = tee;
-			ops_data->session = arg.session;
-		}
+		if (rc)
+			continue;
+
+		if (arg.ret)
+			return AVB_IO_RESULT_ERROR_IO;
+
+		ops_data->tee = tee;
+		ops_data->session = arg.session;
 	}
 
 	return 0;
-- 
2.34.1



More information about the U-Boot mailing list