From 550c93085aac67e88486355121e71678c41c38e1 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Pali=20Roh=C3=A1r?= Date: Fri, 24 Sep 2021 23:06:57 +0200 Subject: [PATCH] tools: kwboot: Don't patch image header if signed MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit It is not possible to modify image with secure header due to cryptographic signature. Signed-off-by: Pali Rohár [ refactored ] Signed-off-by: Marek Behún --- tools/kwboot.c | 30 +++++++++++++++++++++++++----- 1 file changed, 25 insertions(+), 5 deletions(-) diff --git a/tools/kwboot.c b/tools/kwboot.c index 9394a51..2446d0a 100644 --- a/tools/kwboot.c +++ b/tools/kwboot.c @@ -757,6 +757,18 @@ kwboot_img_csum8(void *_data, size_t size) } static int +kwboot_img_is_secure(void *img) +{ + struct opt_hdr_v1 *ohdr; + + for_each_opt_hdr_v1 (ohdr, img) + if (ohdr->headertype == OPT_HDR_V1_SECURE_TYPE) + return 1; + + return 0; +} + +static int kwboot_img_patch_hdr(void *img, size_t size) { int rc; @@ -764,6 +776,7 @@ kwboot_img_patch_hdr(void *img, size_t size) uint8_t csum; size_t hdrsz = sizeof(*hdr); int image_ver; + int is_secure; rc = -1; hdr = img; @@ -796,12 +809,19 @@ kwboot_img_patch_hdr(void *img, size_t size) goto out; } - if (hdr->blockid == IBR_HDR_UART_ID) { - rc = 0; - goto out; - } + is_secure = kwboot_img_is_secure(img); - hdr->blockid = IBR_HDR_UART_ID; + if (hdr->blockid != IBR_HDR_UART_ID) { + if (is_secure) { + fprintf(stderr, + "Image has secure header with signature for non-UART booting\n"); + errno = EINVAL; + goto out; + } + + kwboot_printv("Patching image boot signature to UART\n"); + hdr->blockid = IBR_HDR_UART_ID; + } if (image_ver == 0) { struct main_hdr_v0 *hdr_v0 = img; -- 2.7.4