DescriptionVBoot Reference: Fix splicing bugs in Firmware and Kernel verification.
BUG=670
TESTS=Adds new tests which verify this doesn't occur anymore. Existing tests still pass.
The existing code computes and verifies signatures on firmware/kernel data and firmware/kernel versions separately. This causes a image splicing bug where it is possible to combine together a version signature from a valid new firmware with firmware data and signature from an older version. The same problem exists with kernel verification.
This CL fixes this by changing the firmware/kernel signatures to also include the version information.
For the Firmware, there's a separate signature on the preamble (which contains the version) but the firmware signature now also includes this preamble in addition to the firmware data.
For the Kernel, there's a separate signature on the kernel config/options (wich also contains the version), but the kernel signature now also includes these config/options in addition to the kernel data.
Patch Set 1 #Patch Set 2 : . #
Total comments: 1
Messages
Total messages: 3 (0 generated)
|