arm: imx: hab: Verify IVT self matches calculated address
The IVT is a self-describing structure which contains a self field. The self field is the absolute physical base address the IVT ought to be at in memory. Use the IVT self field to validate the calculated ivt_addr bugging out if the two values differ. Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Cc: Stefano Babic <sbabic@denx.de> Cc: Fabio Estevam <fabio.estevam@nxp.com> Cc: Peng Fan <peng.fan@nxp.com> Cc: Albert Aribaud <albert.u.boot@aribaud.net> Cc: Sven Ebenfeld <sven.ebenfeld@gmail.com> Cc: George McCollister <george.mccollister@gmail.com> Cc: Breno Matheus Lima <brenomatheus@gmail.com> Tested-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
This commit is contained in:
Bryan O'Donoghue
Stefano Babic
parent
49b6d05882
commit
e59eb9e00f
1 changed files with 7 additions and 0 deletions
|
|
@ -450,6 +450,13 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size,
|
|||
if (verify_ivt_header(ivt_hdr))
|
||||
goto hab_caam_clock_disable;
|
||||
|
||||
/* Verify IVT body */
|
||||
if (ivt->self != ivt_addr) {
|
||||
printf("ivt->self 0x%08x pointer is 0x%08x\n",
|
||||
ivt->self, ivt_addr);
|
||||
goto hab_caam_clock_disable;
|
||||
}
|
||||
|
||||
start = ddr_start;
|
||||
bytes = image_size;
|
||||
#ifdef DEBUG
|
||||
|
|
|
|||
Loading…
Reference in a new issue