aboutsummaryrefslogtreecommitdiff
path: root/bl2/src
diff options
context:
space:
mode:
authorDavid Vincze <david.vincze@arm.com>2019-10-25 13:18:54 +0200
committerTamas Ban <tamas.ban@arm.com>2019-12-16 13:39:25 +0000
commitc256612e0e773c76ae07dc8de7f776e3c029d7b0 (patch)
tree4376d274cbbeae356bc815a1c65509b6718faf58 /bl2/src
parentcea8b590ae9ac656a6c8273c53986ff017152673 (diff)
downloadtrusted-firmware-m-c256612e0e773c76ae07dc8de7f776e3c029d7b0.tar.gz
Boot: Re-apply modifications after code sync
-Some of the security-related modifications were lost during code synchronization (change-id: Ibe948792b306e96282fb82447bb3f05a0c6389ef). Re-apply the usage of constant time memory equality functions and overflow checks in the corresponding parts of the code. -Use new boot_find_tlv_offs() function that came from mainstream MCUBoot with the code synchronization. Change-Id: I3d32dc128d4fc826ac09d752cb1484d189acfb4f Signed-off-by: David Vincze <david.vincze@arm.com>
Diffstat (limited to 'bl2/src')
-rw-r--r--bl2/src/boot_record.c22
1 files changed, 3 insertions, 19 deletions
diff --git a/bl2/src/boot_record.c b/bl2/src/boot_record.c
index 35a8c7cbd0..f7b2539fd0 100644
--- a/bl2/src/boot_record.c
+++ b/bl2/src/boot_record.c
@@ -90,7 +90,6 @@ boot_save_sw_measurements(uint8_t sw_module,
const struct image_header *hdr,
const struct flash_area *fap)
{
- struct image_tlv_info tlv_header;
struct image_tlv tlv_entry;
uintptr_t tlv_end, offset;
uint8_t buf[32];
@@ -107,17 +106,10 @@ boot_save_sw_measurements(uint8_t sw_module,
/* Manifest data is concatenated to the end of the image. It is encoded in
* TLV format.
*/
- offset = hdr->ih_img_size + hdr->ih_hdr_size;
-
- res = LOAD_IMAGE_DATA(fap, offset, &tlv_header, sizeof(tlv_header));
+ res = boot_find_tlv_offs(hdr, fap, &offset, &tlv_end);
if (res) {
return BOOT_STATUS_ERROR;
}
- if (tlv_header.it_magic != IMAGE_TLV_INFO_MAGIC) {
- return BOOT_STATUS_ERROR;
- }
- tlv_end = offset + tlv_header.it_tlv_tot;
- offset += sizeof(tlv_header);
/* Iterates over the manifest data and copy the relevant attributes to the
* shared data area:
@@ -395,9 +387,8 @@ boot_save_boot_status(uint8_t sw_module,
#else /* MCUBOOT_INDIVIDUAL_CLAIMS */
- struct image_tlv_info tlv_header;
struct image_tlv tlv_entry;
- uintptr_t tlv_end, offset;
+ uint32_t tlv_end, offset;
size_t record_len = 0;
uint8_t image_hash[32]; /* SHA256 - 32 Bytes */
uint8_t buf[MAX_BOOT_RECORD_SZ];
@@ -410,18 +401,11 @@ boot_save_boot_status(uint8_t sw_module,
/* Manifest data is concatenated to the end of the image.
* It is encoded in TLV format.
*/
- offset = hdr->ih_hdr_size + hdr->ih_img_size;
- /* The TLV area always starts with an image_tlv_info structure. */
- res = LOAD_IMAGE_DATA(fap, offset, &tlv_header, sizeof(tlv_header));
+ res = boot_find_tlv_offs(hdr, fap, &offset, &tlv_end);
if (res) {
return BOOT_STATUS_ERROR;
}
- if (tlv_header.it_magic != IMAGE_TLV_INFO_MAGIC) {
- return BOOT_STATUS_ERROR;
- }
- tlv_end = offset + (uintptr_t)tlv_header.it_tlv_tot;
- offset += sizeof(tlv_header);
/* Traverse through the TLV area to find the boot record
* and image hash TLVs.