aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPali Rohár <pali@kernel.org>2021-09-24 23:06:57 +0200
committerStefan Roese <sr@denx.de>2021-10-01 11:07:13 +0200
commit550c93085aac67e88486355121e71678c41c38e1 (patch)
tree7874e94ba2f45415669d69028646d11494a125a7
parent732c930b219a6c72c3d4b553372a2443627406e9 (diff)
downloadu-boot-550c93085aac67e88486355121e71678c41c38e1.zip
u-boot-550c93085aac67e88486355121e71678c41c38e1.tar.gz
u-boot-550c93085aac67e88486355121e71678c41c38e1.tar.bz2
tools: kwboot: Don't patch image header if signed
It is not possible to modify image with secure header due to cryptographic signature. Signed-off-by: Pali Rohár <pali@kernel.org> [ refactored ] Signed-off-by: Marek Behún <marek.behun@nic.cz>
-rw-r--r--tools/kwboot.c30
1 files changed, 25 insertions, 5 deletions
diff --git a/tools/kwboot.c b/tools/kwboot.c
index 9394a51..2446d0a 100644
--- a/tools/kwboot.c
+++ b/tools/kwboot.c
@@ -757,6 +757,18 @@ kwboot_img_csum8(void *_data, size_t size)
}
static int
+kwboot_img_is_secure(void *img)
+{
+ struct opt_hdr_v1 *ohdr;
+
+ for_each_opt_hdr_v1 (ohdr, img)
+ if (ohdr->headertype == OPT_HDR_V1_SECURE_TYPE)
+ return 1;
+
+ return 0;
+}
+
+static int
kwboot_img_patch_hdr(void *img, size_t size)
{
int rc;
@@ -764,6 +776,7 @@ kwboot_img_patch_hdr(void *img, size_t size)
uint8_t csum;
size_t hdrsz = sizeof(*hdr);
int image_ver;
+ int is_secure;
rc = -1;
hdr = img;
@@ -796,12 +809,19 @@ kwboot_img_patch_hdr(void *img, size_t size)
goto out;
}
- if (hdr->blockid == IBR_HDR_UART_ID) {
- rc = 0;
- goto out;
- }
+ is_secure = kwboot_img_is_secure(img);
- hdr->blockid = IBR_HDR_UART_ID;
+ if (hdr->blockid != IBR_HDR_UART_ID) {
+ if (is_secure) {
+ fprintf(stderr,
+ "Image has secure header with signature for non-UART booting\n");
+ errno = EINVAL;
+ goto out;
+ }
+
+ kwboot_printv("Patching image boot signature to UART\n");
+ hdr->blockid = IBR_HDR_UART_ID;
+ }
if (image_ver == 0) {
struct main_hdr_v0 *hdr_v0 = img;