arm: imx: hab: Verify IVT self matches calculated address

The IVT is a self-describing structure which contains a self field. The
self field is the absolute physical base address the IVT ought to be at in
memory. Use the IVT self field to validate the calculated ivt_addr bugging
out if the two values differ.

Signed-off-by: Bryan O'Donoghue <[email protected]>
Cc: Stefano Babic <[email protected]>
Cc: Fabio Estevam <[email protected]>
Cc: Peng Fan <[email protected]>
Cc: Albert Aribaud <[email protected]>
Cc: Sven Ebenfeld <[email protected]>
Cc: George McCollister <[email protected]>
Cc: Breno Matheus Lima <[email protected]>
Tested-by: Breno Lima <[email protected]>
Reviewed-by: Fabio Estevam <[email protected]>

diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c
index 998d253f2c7a447c828b60ab3795a834528bd962..39f8f2de59107ed70ed1fe2d0cf1f3f06732e2b1 100644 (file)
--- a/arch/arm/mach-imx/hab.c
+++ b/arch/arm/mach-imx/hab.c
@@ -450,6 +450,13 @@ int authenticate_image(uint32_t ddr_start, uint32_t image_size,
        if (verify_ivt_header(ivt_hdr))
                goto hab_caam_clock_disable;
 
+       /* Verify IVT body */
+       if (ivt->self != ivt_addr) {
+               printf("ivt->self 0x%08x pointer is 0x%08x\n",
+                      ivt->self, ivt_addr);
+               goto hab_caam_clock_disable;
+       }
+
        start = ddr_start;
        bytes = image_size;
 #ifdef DEBUG