From b984056fa696e795625a2f5292859b73176f7713 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pali=20Roh=C3=A1r?= Date: Wed, 11 Aug 2021 10:14:14 +0200 Subject: tools: kwbimage: Verify supported image version MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Only image versions 0 and 1 are supported. Verify it in kwbimage_verify_header() function. Signed-off-by: Pali Rohár Reviewed-by: Stefan Roese --- tools/kwbimage.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'tools') diff --git a/tools/kwbimage.c b/tools/kwbimage.c index 00cb338d64f..542779ed484 100644 --- a/tools/kwbimage.c +++ b/tools/kwbimage.c @@ -1678,9 +1678,7 @@ static int kwbimage_verify_header(unsigned char *ptr, int image_size, if (checksum != ext_hdr->checksum) return -FDT_ERR_BADSTRUCTURE; } - } - - if (image_version((void *)ptr) == 1) { + } else if (image_version((void *)ptr) == 1) { struct main_hdr_v1 *mhdr = (struct main_hdr_v1 *)ptr; uint32_t offset; uint32_t size; @@ -1750,6 +1748,8 @@ static int kwbimage_verify_header(unsigned char *ptr, int image_size, if (image_checksum32(ptr + offset, size - 4) != *(uint32_t *)(ptr + offset + size - 4)) return -FDT_ERR_BADSTRUCTURE; + } else { + return -FDT_ERR_BADSTRUCTURE; } return 0; -- cgit v1.2.3 From 33a0af2d8041b027cfbf6ab23c93026339aff142 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pali=20Roh=C3=A1r?= Date: Wed, 11 Aug 2021 10:14:15 +0200 Subject: tools: kwbimage: Verify size of v0 image header MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Check that extended image header size is not larger than file size. Signed-off-by: Pali Rohár Reviewed-by: Stefan Roese --- tools/kwbimage.c | 3 +++ 1 file changed, 3 insertions(+) (limited to 'tools') diff --git a/tools/kwbimage.c b/tools/kwbimage.c index 542779ed484..4709c6d5442 100644 --- a/tools/kwbimage.c +++ b/tools/kwbimage.c @@ -1670,6 +1670,9 @@ static int kwbimage_verify_header(unsigned char *ptr, int image_size, if (mhdr->ext & 0x1) { struct ext_hdr_v0 *ext_hdr; + if (header_size + sizeof(*ext_hdr) > image_size) + return -FDT_ERR_BADSTRUCTURE; + ext_hdr = (struct ext_hdr_v0 *) (ptr + sizeof(struct main_hdr_v0)); checksum = image_checksum8(ext_hdr, -- cgit v1.2.3 From a008dbaa8ce2d4142e17780177faa381fd59bb4e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pali=20Roh=C3=A1r?= Date: Wed, 11 Aug 2021 10:14:16 +0200 Subject: tools: kwbimage: Verify size of image data MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Part of image data is 4 byte checksum, so every image must contain at least 4 bytes. Verify it to prevent memory corruptions. Signed-off-by: Pali Rohár Reviewed-by: Stefan Roese --- tools/kwbimage.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'tools') diff --git a/tools/kwbimage.c b/tools/kwbimage.c index 4709c6d5442..f47e52f13a9 100644 --- a/tools/kwbimage.c +++ b/tools/kwbimage.c @@ -1745,7 +1745,7 @@ static int kwbimage_verify_header(unsigned char *ptr, int image_size, return -FDT_ERR_BADSTRUCTURE; size = le32_to_cpu(mhdr->blocksize); - if (offset + size > image_size || size % 4 != 0) + if (size < 4 || offset + size > image_size || size % 4 != 0) return -FDT_ERR_BADSTRUCTURE; if (image_checksum32(ptr + offset, size - 4) != -- cgit v1.2.3 From e515a33040af6c637f8f17d9bd4166b0c3bba22d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pali=20Roh=C3=A1r?= Date: Wed, 11 Aug 2021 10:14:17 +0200 Subject: tools: kwbimage: Use IBR_HDR_* constants instead of raw numbers MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit There are already IBR_HDR_* constants for these numbers, so use them. Signed-off-by: Pali Rohár Reviewed-by: Stefan Roese --- tools/kwbimage.c | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) (limited to 'tools') diff --git a/tools/kwbimage.c b/tools/kwbimage.c index f47e52f13a9..9fab04ce88d 100644 --- a/tools/kwbimage.c +++ b/tools/kwbimage.c @@ -59,13 +59,13 @@ struct hash_v1 { }; struct boot_mode boot_modes[] = { - { 0x4D, "i2c" }, - { 0x5A, "spi" }, - { 0x8B, "nand" }, - { 0x78, "sata" }, - { 0x9C, "pex" }, - { 0x69, "uart" }, - { 0xAE, "sdio" }, + { IBR_HDR_I2C_ID, "i2c" }, + { IBR_HDR_SPI_ID, "spi" }, + { IBR_HDR_NAND_ID, "nand" }, + { IBR_HDR_SATA_ID, "sata" }, + { IBR_HDR_PEX_ID, "pex" }, + { IBR_HDR_UART_ID, "uart" }, + { IBR_HDR_SDIO_ID, "sdio" }, {}, }; @@ -75,10 +75,10 @@ struct nand_ecc_mode { }; struct nand_ecc_mode nand_ecc_modes[] = { - { 0x00, "default" }, - { 0x01, "hamming" }, - { 0x02, "rs" }, - { 0x03, "disabled" }, + { IBR_HDR_ECC_DEFAULT, "default" }, + { IBR_HDR_ECC_FORCED_HAMMING, "hamming" }, + { IBR_HDR_ECC_FORCED_RS, "rs" }, + { IBR_HDR_ECC_DISABLED, "disabled" }, {}, }; -- cgit v1.2.3 From f858bb2e6c191da3981838937950cb3c98e488fe Mon Sep 17 00:00:00 2001 From: Heinrich Schuchardt Date: Tue, 17 Aug 2021 07:03:20 +0200 Subject: kwbimage: check fopen() return value MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Always check the return value of fopen(). This resolves Coverity CID 338491: Null pointer dereferences (NULL_RETURNS) Signed-off-by: Heinrich Schuchardt Reviewed-by: Stefan Roese Reviewed-by: Pali Rohár --- tools/kwbimage.c | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'tools') diff --git a/tools/kwbimage.c b/tools/kwbimage.c index 9fab04ce88d..b2694888d96 100644 --- a/tools/kwbimage.c +++ b/tools/kwbimage.c @@ -832,6 +832,12 @@ static int kwb_dump_fuse_cmds(struct secure_hdr_v1 *sec_hdr) if (!strcmp(e->name, "a38x")) { FILE *out = fopen("kwb_fuses_a38x.txt", "w+"); + if (!out) { + fprintf(stderr, "Couldn't open eFuse settings: '%s': %s\n", + "kwb_fuses_a38x.txt", strerror(errno)); + return -ENOENT; + } + kwb_dump_fuse_cmds_38x(out, sec_hdr); fclose(out); goto done; @@ -1060,6 +1066,11 @@ int export_pub_kak_hash(RSA *kak, struct secure_hdr_v1 *secure_hdr) int res; hashf = fopen("pub_kak_hash.txt", "w"); + if (!hashf) { + fprintf(stderr, "Couldn't open hash file: '%s': %s\n", + "pub_kak_hash.txt", strerror(errno)); + return 1; + } res = kwb_export_pubkey(kak, &secure_hdr->kak, hashf, "KAK"); -- cgit v1.2.3 From f0317d788221828089fe54433cf5c502d748ef77 Mon Sep 17 00:00:00 2001 From: Heinrich Schuchardt Date: Tue, 17 Aug 2021 07:11:58 +0200 Subject: kwbimage: check return value of image_get_csk_index MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit image_get_csk_index() may return -1 in case of an error. Don't use this value as index. This resolves Coverity CID 338488 Memory - illegal accesses (NEGATIVE_RETURNS) Signed-off-by: Heinrich Schuchardt Reviewed-by: Stefan Roese Reviewed-by: Pali Rohár --- tools/kwbimage.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'tools') diff --git a/tools/kwbimage.c b/tools/kwbimage.c index b2694888d96..aa865cc443f 100644 --- a/tools/kwbimage.c +++ b/tools/kwbimage.c @@ -1087,7 +1087,7 @@ int kwb_sign_csk_with_kak(struct image_tool_params *params, int csk_idx = image_get_csk_index(); struct sig_v1 tmp_sig; - if (csk_idx >= 16) { + if (csk_idx < 0 || csk_idx > 15) { fprintf(stderr, "Invalid CSK index %d\n", csk_idx); return 1; } -- cgit v1.2.3 From 4116a0f38a8ba6bc5e762cd291a65df4946216e7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pali=20Roh=C3=A1r?= Date: Sun, 22 Aug 2021 12:31:35 +0200 Subject: tools: kwbimage: Remove comment about unimplemented register headers in v1 images MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Support for register headers in v1 images was implemented in commit 02ba70ad6822 ("tools: kwbimage: Add support for DATA command also for v1 images"). So remove old comment. Signed-off-by: Pali Rohár Fixes: 02ba70ad6822 ("tools: kwbimage: Add support for DATA command also for v1 images") Reviewed-by: Stefan Roese --- tools/kwbimage.c | 2 -- 1 file changed, 2 deletions(-) (limited to 'tools') diff --git a/tools/kwbimage.c b/tools/kwbimage.c index aa865cc443f..d200ff24250 100644 --- a/tools/kwbimage.c +++ b/tools/kwbimage.c @@ -5,8 +5,6 @@ * * (C) Copyright 2013 Thomas Petazzoni * - * - * Not implemented: support for the register headers in v1 images */ #include "imagetool.h" -- cgit v1.2.3