[U-Boot,v2] arm: mach-keystone: Use appended original image size in image processing
diff mbox series

Message ID 20190716134938.7257-1-afd@ti.com
State Accepted
Commit c1c564af5200dd50bfa4a2f2e9a6c73d10de691c
Delegated to: Tom Rini
Headers show
Series
  • [U-Boot,v2] arm: mach-keystone: Use appended original image size in image processing
Related show

Commit Message

Andrew F. Davis July 16, 2019, 1:49 p.m. UTC
When an image is signed/encrypted on K2 devices the image may get padded
to meet alignment requirements for the signature/encryption type. The
original size is appended as 4 bytes little-endian to the end of the
final image.

Normally the trailing extra bytes are ignored and so restoring the
exact original size is not important. In the case of initrd the
original size is important as the kernel uses it to look for
additional filesystem data and can do the wrong thing when the
size is not correct.

Read off the original size and report it back from the image post
processing stage.

Signed-off-by: Andrew F. Davis <afd@ti.com>
---

Changes from v1:
 - Use get_unaligned_le32
 - Fixup header/copyright while here

 arch/arm/mach-keystone/mon.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

Comments

Lokesh Vutla July 16, 2019, 1:55 p.m. UTC | #1
On 16/07/19 7:19 PM, Andrew F. Davis wrote:
> When an image is signed/encrypted on K2 devices the image may get padded
> to meet alignment requirements for the signature/encryption type. The
> original size is appended as 4 bytes little-endian to the end of the
> final image.
> 
> Normally the trailing extra bytes are ignored and so restoring the
> exact original size is not important. In the case of initrd the
> original size is important as the kernel uses it to look for
> additional filesystem data and can do the wrong thing when the
> size is not correct.
> 
> Read off the original size and report it back from the image post
> processing stage.
> 
> Signed-off-by: Andrew F. Davis <afd@ti.com>

Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com>

Thanks and regards,
Lokesh
Tom Rini July 30, 2019, 1:21 a.m. UTC | #2
On Tue, Jul 16, 2019 at 09:49:38AM -0400, Andrew F. Davis wrote:

> When an image is signed/encrypted on K2 devices the image may get padded
> to meet alignment requirements for the signature/encryption type. The
> original size is appended as 4 bytes little-endian to the end of the
> final image.
> 
> Normally the trailing extra bytes are ignored and so restoring the
> exact original size is not important. In the case of initrd the
> original size is important as the kernel uses it to look for
> additional filesystem data and can do the wrong thing when the
> size is not correct.
> 
> Read off the original size and report it back from the image post
> processing stage.
> 
> Signed-off-by: Andrew F. Davis <afd@ti.com>
> Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com>

Applied to u-boot/master, thanks!

Patch
diff mbox series

diff --git a/arch/arm/mach-keystone/mon.c b/arch/arm/mach-keystone/mon.c
index 51af028590..cc2ec88505 100644
--- a/arch/arm/mach-keystone/mon.c
+++ b/arch/arm/mach-keystone/mon.c
@@ -1,11 +1,11 @@ 
 // SPDX-License-Identifier: GPL-2.0+
 /*
- * K2HK: secure kernel command file
+ * K2x: Secure commands file
  *
- * (C) Copyright 2012-2014
- *     Texas Instruments Incorporated, <www.ti.com>
+ * Copyright (C) 2012-2019 Texas Instruments Incorporated - http://www.ti.com/
  */
 
+#include <asm/unaligned.h>
 #include <common.h>
 #include <command.h>
 #include <mach/mon.h>
@@ -120,9 +120,9 @@  void board_fit_image_post_process(void **p_image, size_t *p_size)
 	/*
 	 * Overwrite the image headers after authentication
 	 * and decryption. Update size to reflect removal
-	 * of header.
+	 * of header and restore original file size.
 	 */
-	*p_size -= KS2_HS_SEC_HEADER_LEN;
+	*p_size = get_unaligned_le32(image + (*p_size - 4));
 	memcpy(image, image + KS2_HS_SEC_HEADER_LEN, *p_size);
 
 	/*