vboot: Add FIT_SIGNATURE_MAX_SIZE protection

This adds a new config value FIT_SIGNATURE_MAX_SIZE, which controls the max size of a FIT header's totalsize field. The field is checked before signature checks are applied to protect from reading past the intended FIT regions. This field is not part of the vboot signature so it should be sanity checked. If the field is corrupted then the structure or string region reads may have unintended behavior, such as reading from device memory. A default value of 256MB is set and intended to support most max storage sizes. Suggested-by: Simon Glass <sjg@chromium.org> Signed-off-by: Teddy Reed <teddy.reed@gmail.com> Reviewed-by: Simon Glass <sjg@chromium.org>
author: Teddy Reed <teddy.reed@gmail.com> 2018-06-09 11:38:05 -0400
committer: Tom Rini <trini@konsulko.com> 2018-07-10 16:55:58 -0400
commit: 72239fc85f3eda078547956608c063ab965e90e9 (patch)
tree: c4184de3db8760dafc7086c02e989ad208b85304 /tools
parent: 894c3ad27fa940beb7fdc07d01dcfe81c03d0481 (diff)
download: u-boot-72239fc85f3eda078547956608c063ab965e90e9.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/tools/Makefile b/tools/Makefile
index 5dd33ed4d5..0c3341e695 100644
--- a/tools/Makefile
+++ b/tools/Makefile
@@ -133,6 +133,7 @@ ifdef CONFIG_FIT_SIGNATURE
 # This affects include/image.h, but including the board config file
 # is tricky, so manually define this options here.
 HOST_EXTRACFLAGS	+= -DCONFIG_FIT_SIGNATURE
+HOST_EXTRACFLAGS	+= -DCONFIG_FIT_SIGNATURE_MAX_SIZE=$(CONFIG_FIT_SIGNATURE_MAX_SIZE)
 endif
 
 ifdef CONFIG_SYS_U_BOOT_OFFS
author	Teddy Reed <teddy.reed@gmail.com>	2018-06-09 11:38:05 -0400
committer	Tom Rini <trini@konsulko.com>	2018-07-10 16:55:58 -0400
commit	72239fc85f3eda078547956608c063ab965e90e9 (patch)
tree	c4184de3db8760dafc7086c02e989ad208b85304 /tools
parent	894c3ad27fa940beb7fdc07d01dcfe81c03d0481 (diff)
download	u-boot-72239fc85f3eda078547956608c063ab965e90e9.tar.gz