1 files changed, 0 insertions, 59 deletions
diff --git a/meta/recipes-bsp/u-boot/files/CVE-2018-1000205-1.patch b/meta/recipes-bsp/u-boot/files/CVE-2018-1000205-1.patch
deleted file mode 100644
index fed3c3dcb9..0000000000
--- a/meta/recipes-bsp/u-boot/files/CVE-2018-1000205-1.patch
+++ /dev/null
@@ -1,59 +0,0 @@
-From 7346c1e192d63cd35f99c7e845e53c5d4d0bdc24 Mon Sep 17 00:00:00 2001
-From: Teddy Reed <teddy.reed@gmail.com>
-Date: Sat, 9 Jun 2018 11:45:20 -0400
-Subject: [PATCH] vboot: Do not use hashed-strings offset
-The hashed-strings signature property includes two uint32_t values.
-The first is unneeded as there should never be a start offset into the
-strings region. The second, the size, is needed because the added
-signature node appends to this region.
-See tools/image-host.c, where a static 0 value is used for the offset.
-Signed-off-by: Teddy Reed <teddy.reed@gmail.com>
-Reviewed-by: Simon Glass <sjg@chromium.org>
-Upstream-Status: Backport[http://git.denx.de/?p=u-boot.git;a=commit;
-                 h=7346c1e192d63cd35f99c7e845e53c5d4d0bdc24]
-CVE: CVE-2018-1000205
-Signed-off-by: Changqing Li <changqing.li@windriver.com>
---
- common/image-sig.c | 7 +++++--
- tools/image-host.c | 1 +
- 2 files changed, 6 insertions(+), 2 deletions(-)
-diff --git a/common/image-sig.c b/common/image-sig.c
-index 8d2fd10..5a269d3 100644
--- a/common/image-sig.c
-+++ b/common/image-sig.c
-@@ -377,8 +377,11 @@ int fit_config_check_sig(const void *fit, int noffset, int required_keynode,
-        /* Add the strings */
-        strings = fdt_getprop(fit, noffset, "hashed-strings", NULL);
-        if (strings) {
-               fdt_regions[count].offset = fdt_off_dt_strings(fit) +
-                               fdt32_to_cpu(strings[0]);
-+               /*
-+                * The strings region offset must be a static 0x0.
-+                * This is set in tool/image-host.c
-+                */
-+               fdt_regions[count].offset = fdt_off_dt_strings(fit);
-                fdt_regions[count].size = fdt32_to_cpu(strings[1]);
-                count++;
-        }
-diff --git a/tools/image-host.c b/tools/image-host.c
-index 8e43671..be2d59b 100644
--- a/tools/image-host.c
-+++ b/tools/image-host.c
-@@ -135,6 +135,7 @@ static int fit_image_write_sig(void *fit, int noffset, uint8_t *value,
- 
-                ret = fdt_setprop(fit, noffset, "hashed-nodes",
-                                   region_prop, region_proplen);
-+               /* This is a legacy offset, it is unused, and must remain 0. */
-                strdata[0] = 0;
-                strdata[1] = cpu_to_fdt32(string_size);
-                if (!ret) {
-- 
-2.7.4

diff --git a/meta/recipes-bsp/u-boot/files/CVE-2018-1000205-1.patch b/meta/recipes-bsp/u-boot/files/CVE-2018-1000205-1.patch deleted file mode 100644 index fed3c3dcb9..0000000000 --- a/meta/recipes-bsp/u-boot/files/CVE-2018-1000205-1.patch +++ /dev/null
@@ -1,59 +0,0 @@
1	From 7346c1e192d63cd35f99c7e845e53c5d4d0bdc24 Mon Sep 17 00:00:00 2001
2	From: Teddy Reed <teddy.reed@gmail.com>
3	Date: Sat, 9 Jun 2018 11:45:20 -0400
4	Subject: [PATCH] vboot: Do not use hashed-strings offset
5
6	The hashed-strings signature property includes two uint32_t values.
7	The first is unneeded as there should never be a start offset into the
8	strings region. The second, the size, is needed because the added
9	signature node appends to this region.
10
11	See tools/image-host.c, where a static 0 value is used for the offset.
12
13	Signed-off-by: Teddy Reed <teddy.reed@gmail.com>
14	Reviewed-by: Simon Glass <sjg@chromium.org>
15
16	Upstream-Status: Backport[http://git.denx.de/?p=u-boot.git;a=commit;
17	h=7346c1e192d63cd35f99c7e845e53c5d4d0bdc24]
18
19	CVE: CVE-2018-1000205
20
21	Signed-off-by: Changqing Li <changqing.li@windriver.com>
22	---
23	common/image-sig.c \| 7 +++++--
24	tools/image-host.c \| 1 +
25	2 files changed, 6 insertions(+), 2 deletions(-)
26
27	diff --git a/common/image-sig.c b/common/image-sig.c
28	index 8d2fd10..5a269d3 100644
29	--- a/common/image-sig.c
30	+++ b/common/image-sig.c
31	@@ -377,8 +377,11 @@ int fit_config_check_sig(const void *fit, int noffset, int required_keynode,
32	/* Add the strings */
33	strings = fdt_getprop(fit, noffset, "hashed-strings", NULL);
34	if (strings) {
35	- fdt_regions[count].offset = fdt_off_dt_strings(fit) +
36	- fdt32_to_cpu(strings[0]);
37	+ /*
38	+ * The strings region offset must be a static 0x0.
39	+ * This is set in tool/image-host.c
40	+ */
41	+ fdt_regions[count].offset = fdt_off_dt_strings(fit);
42	fdt_regions[count].size = fdt32_to_cpu(strings[1]);
43	count++;
44	}
45	diff --git a/tools/image-host.c b/tools/image-host.c
46	index 8e43671..be2d59b 100644
47	--- a/tools/image-host.c
48	+++ b/tools/image-host.c
49	@@ -135,6 +135,7 @@ static int fit_image_write_sig(void fit, int noffset, uint8_t value,
50
51	ret = fdt_setprop(fit, noffset, "hashed-nodes",
52	region_prop, region_proplen);
53	+ /* This is a legacy offset, it is unused, and must remain 0. */
54	strdata[0] = 0;
55	strdata[1] = cpu_to_fdt32(string_size);
56	if (!ret) {
57	--
58	2.7.4
59