Merge "app: aboot: Verify boot image signature"
diff --git a/app/aboot/aboot.c b/app/aboot/aboot.c
index 0b6baf7..4a3011e 100755
--- a/app/aboot/aboot.c
+++ b/app/aboot/aboot.c
@@ -35,6 +35,7 @@
#include <arch/arm.h>
#include <string.h>
#include <stdlib.h>
+#include <limits.h>
#include <kernel/thread.h>
#include <arch/ops.h>
@@ -96,6 +97,8 @@
#define DEFAULT_ERASE_SIZE 4096
#define MAX_PANEL_BUF_SIZE 128
+#define ADD_OF(a, b) (UINT_MAX - b > a) ? (a + b) : UINT_MAX
+
static const char *emmc_cmdline = " androidboot.emmc=true";
static const char *usb_sn_cmdline = " androidboot.serialno=";
static const char *androidboot_mode = " androidboot.mode=";
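Review bot: `ADD_OF` expands to a bare conditional expression with unparenthesized arguments, so it is only safe in the plain `x = ADD_OF(...)` form used later in this commit. Inside a comparison, or with a compound argument, the `?:` would bind differently and the overflow guard would no longer mean what it appears to. Parenthesize the arguments and the whole expansion: `#define ADD_OF(a, b) ((UINT_MAX - (b) > (a)) ? ((a) + (b)) : UINT_MAX)`. A short comment such as `/* saturating unsigned add: yields UINT_MAX on overflow; arguments are evaluated twice */` would also tell callers that UINT_MAX is the overflow sentinel and that the result must be compared with a real bound.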
@@ -1473,6 +1476,8 @@
{
unsigned kernel_actual;
unsigned ramdisk_actual;
+ uint32_t image_actual;
+ uint32_t dt_actual = 0;
struct boot_img_hdr *hdr;
char *ptr = ((char*) data);
int ret = 0;
@@ -1495,6 +1500,25 @@
kernel_actual = ROUND_TO_PAGE(hdr->kernel_size, page_mask);
ramdisk_actual = ROUND_TO_PAGE(hdr->ramdisk_size, page_mask);
+#if DEVICE_TREE
+ dt_actual = ROUND_TO_PAGE(hdr->dt_size, page_mask);
+#endif
+
+ image_actual = ADD_OF(page_size, kernel_actual);
+ image_actual = ADD_OF(image_actual, ramdisk_actual);
+ image_actual = ADD_OF(image_actual, dt_actual);
+
+ /* sz should have atleast raw boot image */
+ if (image_actual > sz) {
+ fastboot_fail("incomplete bootimage");
+ return;
+ }
+
+ /* Verify the boot image
+ * device & page_size are initialized in aboot_init
+ */
+ if (target_use_signed_kernel() && (!device.is_unlocked))
+ verify_signed_bootimg((uint32_t)data, image_actual);
/*
* Update the kernel/ramdisk/tags address if the boot image header
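Review bot: The saturating `ADD_OF` sum guards the additions, but `kernel_actual`, `ramdisk_actual` and `dt_actual` are already outputs of `ROUND_TO_PAGE` on header fields taken from the downloaded image. If that macro rounds up by adding `page_mask` (its definition is not in this diff), a size within one page of UINT_MAX wraps to a small value before `image_actual > sz` is evaluated. Reject wrapped values before the sum, e.g. `if (kernel_actual < hdr->kernel_size || ramdisk_actual < hdr->ramdisk_size) { fastboot_fail("incomplete bootimage"); return; }`, with the same test for `dt_actual` under `DEVICE_TREE`. Separately, `verify_signed_bootimg()` is called with no visible result check and `sz` is only compared with `image_actual`, so confirm that the verifier itself stops the boot on failure and never reads signature bytes beyond the `sz` bytes received. The enclosing function starts and ends outside this hunk.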
@@ -1516,12 +1540,6 @@
return;
}
- /* sz should have atleast raw boot image */
- if (page_size + kernel_actual + ramdisk_actual > sz) {
- fastboot_fail("incomplete bootimage");
- return;
- }
-
#if DEVICE_TREE
/* find correct dtb and copy it to right location */
ret = copy_dtb(data);