1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
|
From 8a9d03732e6d0f68107c80919096e7cf956dcb3d Mon Sep 17 00:00:00 2001
From: Simon Glass <sjg@chromium.org>
Date: Wed, 18 Mar 2020 11:44:02 -0600
Subject: [PATCH] image: Load the correct configuration in fit_check_sign
At present bootm_host_load_images() is passed the configuration that has
been verified, but ignores it and just uses the default configuration.
This may not be the same.
Update this function to use the selected configuration.
Signed-off-by: Simon Glass <sjg@chromium.org>
CVE: CVE-2020-10648
Upstream-Status: Backport[https://github.com/u-boot/u-boot/commit/8a9d03732e6d0f68107c80919096e7cf956dcb3d]
Signed-off-by: Scott Murray <scott.murray@konsulko.com>
---
common/bootm.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/common/bootm.c b/common/bootm.c
index 902c13880d..db4362a643 100644
--- a/common/bootm.c
+++ b/common/bootm.c
@@ -819,7 +819,8 @@ void __weak switch_to_non_secure_mode(void)
#else /* USE_HOSTCC */
#if defined(CONFIG_FIT_SIGNATURE)
-static int bootm_host_load_image(const void *fit, int req_image_type)
+static int bootm_host_load_image(const void *fit, int req_image_type,
+ int cfg_noffset)
{
const char *fit_uname_config = NULL;
ulong data, len;
@@ -831,6 +832,7 @@ static int bootm_host_load_image(const void *fit, int req_image_type)
void *load_buf;
int ret;
+ fit_uname_config = fdt_get_name(fit, cfg_noffset, NULL);
memset(&images, '\0', sizeof(images));
images.verify = 1;
noffset = fit_image_load(&images, (ulong)fit,
@@ -878,7 +880,7 @@ int bootm_host_load_images(const void *fit, int cfg_noffset)
for (i = 0; i < ARRAY_SIZE(image_types); i++) {
int ret;
- ret = bootm_host_load_image(fit, image_types[i]);
+ ret = bootm_host_load_image(fit, image_types[i], cfg_noffset);
if (!err && ret && ret != -ENOENT)
err = ret;
}
|
