diff options
| author | Ilias Apalodimas <ilias.apalodimas@linaro.org> | 2021-07-17 17:26:44 +0300 |
|---|---|---|
| committer | Heinrich Schuchardt <xypron.glpk@gmx.de> | 2021-07-18 14:43:56 +0200 |
| commit | ddf67daac39de76d2697d587148f4c2cb768f492 (patch) | |
| tree | 2f6625c0035401e56d52ddc000e0b3ffddfa892e /lib/efi_loader/efi_capsule.c | |
| parent | d934ed577e9257e64e08bc722a7715e586c4a2bc (diff) | |
efi_capsule: Move signature from DTB to .rodata
The capsule signature is now part of our DTB. This is problematic when a
user is allowed to change/fixup that DTB from U-Boots command line since he
can overwrite the signature as well.
So Instead of adding the key on the DTB, embed it in the u-boot binary it
self as part of it's .rodata. This assumes that the U-Boot binary we load
is authenticated by a previous boot stage loader.
Reviewed-by: Masami Hiramatsu <masami.hiramatsu@linaro.org>
Tested-by: Masami Hiramatsu <masami.hiramatsu@linaro.org>
Tested-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Diffstat (limited to 'lib/efi_loader/efi_capsule.c')
| -rw-r--r-- | lib/efi_loader/efi_capsule.c | 18 |
1 files changed, 15 insertions, 3 deletions
diff --git a/lib/efi_loader/efi_capsule.c b/lib/efi_loader/efi_capsule.c index a09c5705f1..f9b0ef591c 100644 --- a/lib/efi_loader/efi_capsule.c +++ b/lib/efi_loader/efi_capsule.c @@ -16,6 +16,7 @@ #include <mapmem.h> #include <sort.h> +#include <asm/sections.h> #include <crypto/pkcs7.h> #include <crypto/pkcs7_parser.h> #include <linux/err.h> @@ -222,12 +223,23 @@ skip: const efi_guid_t efi_guid_capsule_root_cert_guid = EFI_FIRMWARE_MANAGEMENT_CAPSULE_ID_GUID; +static int efi_get_public_key_data(void **pkey, efi_uintn_t *pkey_len) +{ + const void *blob = __efi_capsule_sig_begin; + const int len = __efi_capsule_sig_end - __efi_capsule_sig_begin; + + *pkey = (void *)blob; + *pkey_len = len; + + return 0; +} + efi_status_t efi_capsule_authenticate(const void *capsule, efi_uintn_t capsule_size, void **image, efi_uintn_t *image_size) { u8 *buf; int ret; - void *fdt_pkey, *pkey; + void *stored_pkey, *pkey; efi_uintn_t pkey_len; uint64_t monotonic_count; struct efi_signature_store *truststore; @@ -286,7 +298,7 @@ efi_status_t efi_capsule_authenticate(const void *capsule, efi_uintn_t capsule_s goto out; } - ret = efi_get_public_key_data(&fdt_pkey, &pkey_len); + ret = efi_get_public_key_data(&stored_pkey, &pkey_len); if (ret < 0) goto out; @@ -294,7 +306,7 @@ efi_status_t efi_capsule_authenticate(const void *capsule, efi_uintn_t capsule_s if (!pkey) goto out; - memcpy(pkey, fdt_pkey, pkey_len); + memcpy(pkey, stored_pkey, pkey_len); truststore = efi_build_signature_store(pkey, pkey_len); if (!truststore) goto out; |