From d154ca60036f060375ff3d80b2f1fbd2cd7de115 Mon Sep 17 00:00:00 2001
From: Ben Whitten
Date: Thu, 7 Jun 2018 11:37:27 +0100
Subject: [PATCH] spl: fit: verify images prior to post processing

Verification of hashes needs to take place before any image post processing, thus matching full FIT image processing. This allows mechanisms such as encryption be applied to images prior to fit generation at the spl level.

Signed-off-by: Ben Whitten
---
 common/spl/spl_fit.c | 21 +++++++++------------
 1 file changed, 9 insertions(+), 12 deletions(-)

diff --git a/common/spl/spl_fit.c b/common/spl/spl_fit.c
index e01b4e578d..5b51a28a08 100644
--- a/common/spl/spl_fit.c
+++ b/common/spl/spl_fit.c
@@ -181,9 +181,6 @@ static int spl_load_fit_image(struct spl_load_info *info, ulong sector,
 uint8_t image_comp = -1, type = -1;
 const void *data;
 bool external_data = false;
-#ifdef CONFIG_SPL_FIT_SIGNATURE
- int ret;
-#endif
 if (IS_ENABLED(CONFIG_SPL_FPGA_SUPPORT) || (IS_ENABLED(CONFIG_SPL_OS_BOOT) && IS_ENABLED(CONFIG_SPL_GZIP))) {
@@ -247,6 +244,15 @@ static int spl_load_fit_image(struct spl_load_info *info, ulong sector,
 src = (void *)data;
 }
+#ifdef CONFIG_SPL_FIT_SIGNATURE
+ printf("## Checking hash(es) for Image %s ... ",
+ fit_get_name(fit, node, NULL));
+ if (!fit_image_verify_with_data(fit, node,
+ src, length))
+ return -EPERM;
+ puts("OK\n");
+#endif
+
 #ifdef CONFIG_SPL_FIT_IMAGE_POST_PROCESS
 board_fit_image_post_process(&src, &length);
 #endif
@@ -272,16 +278,7 @@ static int spl_load_fit_image(struct spl_load_info *info, ulong sector,
 image_info->entry_point = fdt_getprop_u32(fit, node, "entry");
 }
-#ifdef CONFIG_SPL_FIT_SIGNATURE
- printf("## Checking hash(es) for Image %s ...\n",
- fit_get_name(fit, node, NULL));
- ret = fit_image_verify_with_data(fit, node,
- (const void *)load_addr, length);
- printf("\n");
- return !ret;
-#else
 return 0;
-#endif
 }
 static int spl_fit_append_fdt(struct spl_image_info *spl_image,
-- 
2.39.5
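Review bot: The added check in the second hunk (`fit_image_verify_with_data(fit, node, src, length)`) carries no comment explaining that it must stay above `board_fit_image_post_process(&src, &length)`, and that ordering is the security property this patch establishes; I would add `/* Verify the image exactly as stored in the FIT, before post-processing can modify src/length */` above the `#ifdef CONFIG_SPL_FIT_SIGNATURE`. With the old end-of-function check removed in the third hunk, nothing in the visible hunks covers the bytes the hook hands back through `src` and `length`, so its output is trusted as-is and that belongs in the hook's documentation. Hashes now cover the stored bytes rather than the loaded result at `load_addr`, so a FIT whose hashes were generated over post-processed data would presumably be rejected with `-EPERM`. On the failure path the progress line ending in `... ` is left without a newline before the return. The body of spl_load_fit_image starts and ends outside these hunks.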