diff options
Diffstat (limited to 'meta/recipes-bsp/u-boot/files/CVE-2020-10648-2.patch')
-rw-r--r-- | meta/recipes-bsp/u-boot/files/CVE-2020-10648-2.patch | 52 |
1 files changed, 52 insertions, 0 deletions
diff --git a/meta/recipes-bsp/u-boot/files/CVE-2020-10648-2.patch b/meta/recipes-bsp/u-boot/files/CVE-2020-10648-2.patch new file mode 100644 index 0000000000..023f7eac0a --- /dev/null +++ b/meta/recipes-bsp/u-boot/files/CVE-2020-10648-2.patch | |||
@@ -0,0 +1,52 @@ | |||
1 | From 8a9d03732e6d0f68107c80919096e7cf956dcb3d Mon Sep 17 00:00:00 2001 | ||
2 | From: Simon Glass <sjg@chromium.org> | ||
3 | Date: Wed, 18 Mar 2020 11:44:02 -0600 | ||
4 | Subject: [PATCH] image: Load the correct configuration in fit_check_sign | ||
5 | |||
6 | At present bootm_host_load_images() is passed the configuration that has | ||
7 | been verified, but ignores it and just uses the default configuration. | ||
8 | This may not be the same. | ||
9 | |||
10 | Update this function to use the selected configuration. | ||
11 | |||
12 | Signed-off-by: Simon Glass <sjg@chromium.org> | ||
13 | |||
14 | CVE: CVE-2020-10648 | ||
15 | Upstream-Status: Backport[https://github.com/u-boot/u-boot/commit/8a9d03732e6d0f68107c80919096e7cf956dcb3d] | ||
16 | Signed-off-by: Scott Murray <scott.murray@konsulko.com> | ||
17 | |||
18 | --- | ||
19 | common/bootm.c | 6 ++++-- | ||
20 | 1 file changed, 4 insertions(+), 2 deletions(-) | ||
21 | |||
22 | diff --git a/common/bootm.c b/common/bootm.c | ||
23 | index 902c13880d..db4362a643 100644 | ||
24 | --- a/common/bootm.c | ||
25 | +++ b/common/bootm.c | ||
26 | @@ -819,7 +819,8 @@ void __weak switch_to_non_secure_mode(void) | ||
27 | #else /* USE_HOSTCC */ | ||
28 | |||
29 | #if defined(CONFIG_FIT_SIGNATURE) | ||
30 | -static int bootm_host_load_image(const void *fit, int req_image_type) | ||
31 | +static int bootm_host_load_image(const void *fit, int req_image_type, | ||
32 | + int cfg_noffset) | ||
33 | { | ||
34 | const char *fit_uname_config = NULL; | ||
35 | ulong data, len; | ||
36 | @@ -831,6 +832,7 @@ static int bootm_host_load_image(const void *fit, int req_image_type) | ||
37 | void *load_buf; | ||
38 | int ret; | ||
39 | |||
40 | + fit_uname_config = fdt_get_name(fit, cfg_noffset, NULL); | ||
41 | memset(&images, '\0', sizeof(images)); | ||
42 | images.verify = 1; | ||
43 | noffset = fit_image_load(&images, (ulong)fit, | ||
44 | @@ -878,7 +880,7 @@ int bootm_host_load_images(const void *fit, int cfg_noffset) | ||
45 | for (i = 0; i < ARRAY_SIZE(image_types); i++) { | ||
46 | int ret; | ||
47 | |||
48 | - ret = bootm_host_load_image(fit, image_types[i]); | ||
49 | + ret = bootm_host_load_image(fit, image_types[i], cfg_noffset); | ||
50 | if (!err && ret && ret != -ENOENT) | ||
51 | err = ret; | ||
52 | } | ||