1. 03 May, 2018 7 commits
  2. 27 Apr, 2018 5 commits
  3. 26 Apr, 2018 1 commit
  4. 23 Apr, 2018 1 commit
  5. 20 Apr, 2018 1 commit
  6. 18 Apr, 2018 2 commits
  7. 16 Apr, 2018 3 commits
  8. 13 Apr, 2018 1 commit
  9. 12 Apr, 2018 7 commits
  10. 11 Apr, 2018 1 commit
  11. 10 Apr, 2018 3 commits
  12. 09 Apr, 2018 2 commits
  13. 03 Apr, 2018 1 commit
    • Utkarsh Gupta's avatar
      MLK-17935: imx: HAB: Validate IVT before authenticating image · dabffd1b
      Utkarsh Gupta authored
      Calling csf_is_valid() with an un-signed image may lead to data abort
      as the CSF pointer could be pointing to a garbage address when accessed
      in HAB_HDR_LEN(*(const struct hab_hdr *)(ulong)ivt_initial->csf).
      
      Authenticate image from DDR location 0x80800000...
      Check CSF for Write Data command before authenticating image
      data abort
      pc : [<fff5494c>]          lr : [<fff54910>]
      reloc pc : [<8780294c>]    lr : [<87802910>]
      sp : fdf45dc8  ip : 00000214     fp : 00000000
      r10: fffb6170  r9 : fdf4fec0     r8 : 00722020
      r7 : 80f20000  r6 : 80800000     r5 : 80800000  r4 : 00720000
      r3 : 17a5aca3  r2 : 00000000     r1 : 80f2201f  r0 : 00000019
      Flags: NzcV  IRQs off  FIQs off  Mode SVC_32
      Resetting CPU ...
      
      resetting ...
      
      To avoid such errors during authentication process, validate IVT structure
      by calling validate_ivt function which checks the following values in an IVT:
      
      IVT_HEADER = 0x4X2000D1
      ENTRY != 0x0
      RES1 = 0x0
      DCD = 0x0       /* Recommended */
      SELF != 0x0     /* Absoulute address of IVT */
      CSF != 0x0
      RES2 = 0x0
      
      This commit also checks if Image's start address is 4 byte aligned.
      
      commit "0088d127 MLK-14945 HAB: Check if IVT valid before authenticating image"
      removed as this patch addresses the issue.
      Signed-off-by: default avatarUtkarsh Gupta <utkarsh.gupta@nxp.com>
      dabffd1b
  14. 02 Apr, 2018 5 commits