diff options
author | Jason M. Bills <jason.m.bills@linux.intel.com> | 2020-08-04 01:40:26 +0300 |
---|---|---|
committer | Jason M. Bills <jason.m.bills@linux.intel.com> | 2020-08-04 23:23:32 +0300 |
commit | 40108db4434d8c2e0a1ad2d1dd3f5ae34b17352c (patch) | |
tree | 14edb2241a48b600f217aa8ebc03a59ed62ca268 /meta-openbmc-mods/meta-ast2500/recipes-bsp/u-boot/files/CVE-2020-10648/0007-image-Check-hash-nodes-when-checking-configurations.patch | |
parent | d071adf43ac87f21dde2f84287120960c723962c (diff) | |
download | openbmc-40108db4434d8c2e0a1ad2d1dd3f5ae34b17352c.tar.xz |
Update to internal 0.72
Signed-off-by: Jason M. Bills <jason.m.bills@linux.intel.com>
Diffstat (limited to 'meta-openbmc-mods/meta-ast2500/recipes-bsp/u-boot/files/CVE-2020-10648/0007-image-Check-hash-nodes-when-checking-configurations.patch')
-rw-r--r-- | meta-openbmc-mods/meta-ast2500/recipes-bsp/u-boot/files/CVE-2020-10648/0007-image-Check-hash-nodes-when-checking-configurations.patch | 97 |
1 files changed, 97 insertions, 0 deletions
diff --git a/meta-openbmc-mods/meta-ast2500/recipes-bsp/u-boot/files/CVE-2020-10648/0007-image-Check-hash-nodes-when-checking-configurations.patch b/meta-openbmc-mods/meta-ast2500/recipes-bsp/u-boot/files/CVE-2020-10648/0007-image-Check-hash-nodes-when-checking-configurations.patch new file mode 100644 index 000000000..5a4bca485 --- /dev/null +++ b/meta-openbmc-mods/meta-ast2500/recipes-bsp/u-boot/files/CVE-2020-10648/0007-image-Check-hash-nodes-when-checking-configurations.patch @@ -0,0 +1,97 @@ +From ece10b3eac018240776bfec8aceb1e8f4947288b Mon Sep 17 00:00:00 2001 +From: Simon Glass <sjg@chromium.org> +Date: Tue, 31 Mar 2020 18:43:55 +0200 +Subject: [PATCH] image: Check hash-nodes when checking configurations + +It is currently possible to use a different configuration's signature and +thus bypass the configuration check. Make sure that the configuration node +that was hashed matches the one being checked, to catch this problem. + +Also add a proper function comment to fit_config_check_sig() and make it +static. + +Signed-off-by: Simon Glass <sjg@chromium.org> +Signed-off-by: Jae Hyun Yoo <jae.hyun.yoo@linux.intel.com> +--- + common/image-sig.c | 36 +++++++++++++++++++++++++++++++++--- + 1 file changed, 33 insertions(+), 3 deletions(-) + +diff --git a/common/image-sig.c b/common/image-sig.c +index a664f4a40945..057d654c17d4 100644 +--- a/common/image-sig.c ++++ b/common/image-sig.c +@@ -283,20 +283,39 @@ int fit_image_verify_required_sigs(const void *fit, int image_noffset, + return 0; + } + +-int fit_config_check_sig(const void *fit, int noffset, int required_keynode, +- char **err_msgp) ++/** ++ * fit_config_check_sig() - Check the signature of a config ++ * ++ * @fit: FIT to check ++ * @noffset: Offset of configuration node (e.g. /configurations/conf-1) ++ * @required_keynode: Offset in the control FDT of the required key node, ++ * if any. If this is given, then the configuration wil not ++ * pass verification unless that key is used. If this is ++ * -1 then any signature will do. ++ * @conf_noffset: Offset of the configuration subnode being checked (e.g. ++ * /configurations/conf-1/kernel) ++ * @err_msgp: In the event of an error, this will be pointed to a ++ * help error string to display to the user. ++ * @return 0 if all verified ok, <0 on error ++ */ ++static int fit_config_check_sig(const void *fit, int noffset, ++ int required_keynode, int conf_noffset, ++ char **err_msgp) + { + char * const exc_prop[] = {"data"}; + const char *prop, *end, *name; + struct image_sign_info info; + const uint32_t *strings; ++ const char *config_name; + uint8_t *fit_value; + int fit_value_len; ++ bool found_config; + int max_regions; + int i, prop_len; + char path[200]; + int count; + ++ config_name = fit_get_name(fit, conf_noffset, NULL); + debug("%s: fdt=%p, conf='%s', sig='%s'\n", __func__, gd_fdt_blob(), + fit_get_name(fit, noffset, NULL), + fit_get_name(gd_fdt_blob(), required_keynode, NULL)); +@@ -332,9 +351,20 @@ int fit_config_check_sig(const void *fit, int noffset, int required_keynode, + char *node_inc[count]; + + debug("Hash nodes (%d):\n", count); ++ found_config = false; + for (name = prop, i = 0; name < end; name += strlen(name) + 1, i++) { + debug(" '%s'\n", name); + node_inc[i] = (char *)name; ++ if (!strncmp(FIT_CONFS_PATH, name, strlen(FIT_CONFS_PATH)) && ++ name[sizeof(FIT_CONFS_PATH) - 1] == '/' && ++ !strcmp(name + sizeof(FIT_CONFS_PATH), config_name)) { ++ debug(" (found config node %s)", config_name); ++ found_config = true; ++ } ++ } ++ if (!found_config) { ++ *err_msgp = "Selected config not in hashed nodes"; ++ return -1; + } + + /* +@@ -399,7 +429,7 @@ static int fit_config_verify_sig(const void *fit, int conf_noffset, + if (!strncmp(name, FIT_SIG_NODENAME, + strlen(FIT_SIG_NODENAME))) { + ret = fit_config_check_sig(fit, noffset, sig_offset, +- &err_msg); ++ conf_noffset, &err_msg); + if (ret) { + puts("- "); + } else { +-- +2.17.1 + |