u-boot/common
Teddy Reed 72239fc85f vboot: Add FIT_SIGNATURE_MAX_SIZE protection
This adds a new config value FIT_SIGNATURE_MAX_SIZE, which controls the
max size of a FIT header's totalsize field. The field is checked before
signature checks are applied to protect from reading past the intended
FIT regions.

This field is not part of the vboot signature so it should be sanity
checked. If the field is corrupted then the structure or string region
reads may have unintended behavior, such as reading from device memory.
A default value of 256MB is set and intended to support most max storage
sizes.

Suggested-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Teddy Reed <teddy.reed@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2018-07-10 16:55:58 -04:00
..
eeprom SPDX: Convert all of our single license tags to Linux Kernel style 2018-05-07 09:34:12 -04:00
init SPDX: Convert all of our single license tags to Linux Kernel style 2018-05-07 09:34:12 -04:00
spl spl: fit: verify images prior to post processing 2018-07-10 16:55:57 -04:00
autoboot.c bootcount: Rewrite autoboot to use wrapper functions from bootcount.h 2018-05-10 20:38:25 -04:00
avb_verify.c avb2.0: add boot states and dm-verity support 2018-06-18 13:55:13 -04:00
bedbug.c Consolidate bool type 2013-04-01 16:33:52 -04:00
board_f.c board_f: Only reserve memory for U-Boot if we're going to relocate 2018-06-05 20:19:08 -04:00
board_info.c SPDX: Convert all of our single license tags to Linux Kernel style 2018-05-07 09:34:12 -04:00
board_r.c board_r: Do not initialize IDE when DM BLK is on 2018-06-24 08:56:04 +08:00
boot_fit.c SPDX: Convert all of our single license tags to Linux Kernel style 2018-05-07 09:34:12 -04:00
bootm.c bootm: Handle kernel_noload on arm64 2018-06-19 07:31:45 -04:00
bootm_os.c SPDX: Convert all of our single license tags to Linux Kernel style 2018-05-07 09:34:12 -04:00
bootretry.c SPDX: Convert all of our single license tags to Linux Kernel style 2018-05-07 09:34:12 -04:00
bootstage.c SPDX: Convert all of our single license tags to Linux Kernel style 2018-05-07 09:34:12 -04:00
bouncebuf.c SPDX: Convert all of our single license tags to Linux Kernel style 2018-05-07 09:34:12 -04:00
cli.c SPDX: Convert all of our single license tags to Linux Kernel style 2018-05-07 09:34:12 -04:00
cli_hush.c SPDX: Convert all of our single license tags to Linux Kernel style 2018-05-07 09:34:12 -04:00
cli_readline.c SPDX: Convert all of our single license tags to Linux Kernel style 2018-05-07 09:34:12 -04:00
cli_simple.c SPDX: Convert all of our single license tags to Linux Kernel style 2018-05-07 09:34:12 -04:00
command.c SPDX: Convert all of our single license tags to Linux Kernel style 2018-05-07 09:34:12 -04:00
common_fit.c SPDX: Convert all of our single license tags to Linux Kernel style 2018-05-07 09:34:12 -04:00
console.c console: Fix handling of NULL global_data 2018-06-18 14:43:14 -04:00
cros_ec.c Remove unnecessary instances of DECLARE_GLOBAL_DATA_PTR 2018-04-27 14:54:48 -04:00
ddr_spd.c SPDX: Convert all of our single license tags to Linux Kernel style 2018-05-07 09:34:12 -04:00
dfu.c SPDX: Convert all of our single license tags to Linux Kernel style 2018-05-07 09:34:12 -04:00
dlmalloc.c malloc: Use malloc simple before malloc is fully initialized in memalign() 2018-05-26 18:19:19 -04:00
dlmalloc.src Consolidate bool type 2013-04-01 16:33:52 -04:00
edid.c SPDX: Convert all of our single license tags to Linux Kernel style 2018-05-07 09:34:12 -04:00
exports.c board/ls2085rdb: Export functions for standalone AQ FW load apps 2015-07-20 11:44:37 -07:00
fdt_support.c SPDX: Convert all of our single license tags to Linux Kernel style 2018-05-07 09:34:12 -04:00
flash.c SPDX: Convert all of our single license tags to Linux Kernel style 2018-05-07 09:34:12 -04:00
hash.c SPDX: Convert all of our single license tags to Linux Kernel style 2018-05-07 09:34:12 -04:00
hwconfig.c SPDX: Convert all of our single license tags to Linux Kernel style 2018-05-07 09:34:12 -04:00
image-android.c SPDX: Convert all of our single license tags to Linux Kernel style 2018-05-07 09:34:12 -04:00
image-fdt.c SPDX: Convert all of our single license tags to Linux Kernel style 2018-05-07 09:34:12 -04:00
image-fit.c fit: Verify all configuration signatures 2018-07-10 16:55:56 -04:00
image-sig.c vboot: Add FIT_SIGNATURE_MAX_SIZE protection 2018-07-10 16:55:58 -04:00
image.c u-boot: Fix several typos 2018-06-13 07:49:13 -04:00
iomux.c SPDX: Convert all of our single license tags to Linux Kernel style 2018-05-07 09:34:12 -04:00
iotrace.c iotrace: fix behaviour when buffer is full 2018-06-18 14:02:04 -04:00
kallsyms.c Add support for Linux-like kallsysms 2009-06-12 20:45:48 +02:00
Kconfig log: CONFIG_LOG should select CONFIG_DM 2018-04-28 10:42:35 -04:00
kgdb.c Fix spelling of "occurred". 2016-05-02 18:37:09 -04:00
kgdb_stubs.c Use correct spelling of "U-Boot" 2016-02-06 12:00:59 +01:00
lcd.c SPDX: Convert all of our single license tags to Linux Kernel style 2018-05-07 09:34:12 -04:00
lcd_console.c SPDX: Convert all of our single license tags to Linux Kernel style 2018-05-07 09:34:12 -04:00
lcd_console_rotation.c SPDX: Convert all of our single license tags to Linux Kernel style 2018-05-07 09:34:12 -04:00
lcd_simplefb.c SPDX: Convert all of our single license tags to Linux Kernel style 2018-05-07 09:34:12 -04:00
log.c log: Fix incorect range check in log_get_cat_name() 2018-06-18 14:43:14 -04:00
log_console.c SPDX: Convert all of our single license tags to Linux Kernel style 2018-05-07 09:34:12 -04:00
lynxkdi.c Remove unnecessary instances of DECLARE_GLOBAL_DATA_PTR 2018-04-27 14:54:48 -04:00
main.c SPDX: Convert all of our single license tags to Linux Kernel style 2018-05-07 09:34:12 -04:00
Makefile avb2.0: implement AVB ops 2018-06-18 13:55:13 -04:00
malloc_simple.c SPDX: Convert all of our single license tags to Linux Kernel style 2018-05-07 09:34:12 -04:00
memsize.c SPDX: Convert all of our single license tags to Linux Kernel style 2018-05-07 09:34:12 -04:00
menu.c menu: fix timeout duration 2018-06-05 20:19:08 -04:00
miiphyutil.c SPDX: Convert all of our single license tags to Linux Kernel style 2018-05-07 09:34:12 -04:00
s_record.c SPDX: Convert all of our single license tags to Linux Kernel style 2018-05-07 09:34:12 -04:00
splash.c env: Rename getenv/_f() to env_get() 2017-08-16 08:30:24 -04:00
splash_source.c SPDX: Convert all of our single license tags to Linux Kernel style 2018-05-07 09:34:12 -04:00
stdio.c SPDX: Convert all of our single license tags to Linux Kernel style 2018-05-07 09:34:12 -04:00
system_map.c Add support for Linux-like kallsysms 2009-06-12 20:45:48 +02:00
update.c SPDX: Convert all of our single license tags to Linux Kernel style 2018-05-07 09:34:12 -04:00
usb.c SPDX: Convert all of our single license tags to Linux Kernel style 2018-05-07 09:34:12 -04:00
usb_hub.c SPDX: Convert all of our single license tags to Linux Kernel style 2018-05-07 09:34:12 -04:00
usb_kbd.c SPDX: Convert all of our single license tags to Linux Kernel style 2018-05-07 09:34:12 -04:00
usb_storage.c SPDX: Convert all of our single license tags to Linux Kernel style 2018-05-07 09:34:12 -04:00
xyzModem.c xyz-modem: va_start() must be matched by va_end() 2018-05-10 20:38:34 -04:00