From: Pali Rohár pali@kernel.org
It is not possible to modify image with secure header due to cryptographic signature.
Signed-off-by: Pali Rohár pali@kernel.org [ refactored ] Signed-off-by: Marek Behún marek.behun@nic.cz --- tools/kwboot.c | 27 ++++++++++++++++++++++++--- 1 file changed, 24 insertions(+), 3 deletions(-)
diff --git a/tools/kwboot.c b/tools/kwboot.c index 031cea7550..c23357f5bc 100644 --- a/tools/kwboot.c +++ b/tools/kwboot.c @@ -739,6 +739,18 @@ kwboot_img_csum8(void *_data, size_t size) return csum; }
+static int +kwboot_img_is_secure(void *img) +{ + struct opt_hdr_v1 *ohdr; + + for_each_opt_hdr_v1 (ohdr, img) + if (ohdr->headertype == OPT_HDR_V1_SECURE_TYPE) + return 1; + + return 0; +} + static int kwboot_img_patch_hdr(void *img, size_t size) { @@ -747,7 +759,9 @@ kwboot_img_patch_hdr(void *img, size_t size) uint8_t csum; size_t hdrsz = sizeof(*hdr); int image_ver; + int is_secure;
+ is_secure = 0; rc = -1; hdr = img;
@@ -779,9 +793,16 @@ kwboot_img_patch_hdr(void *img, size_t size) goto out; }
- if (hdr->blockid == IBR_HDR_UART_ID) { - rc = 0; - goto out; + is_secure = kwboot_img_is_secure(img); + + if (hdr->blockid != IBR_HDR_UART_ID) { + if (is_secure) { + fprintf(stderr, + "Image has secure header with signature for non-UART booting\n"); + errno = EINVAL; + goto out; + } + kwboot_printv("Patching image boot signature to UART\n"); }
hdr->blockid = IBR_HDR_UART_ID;