[Skiboot] [PATCH] core/flash: Validate secure boot content size

Stewart Smith stewart at flamingspork.com
Sat Aug 17 08:47:00 AEST 2019


On Fri, Aug 16, 2019, at 3:41 PM, Oliver O'Halloran wrote:
> Currently we don't check if the secure boot payload size fits within
> the partition that we are reading it from. This results in strange
> failures later on in boot if we cross the boundary between an ECCed
> and a non-ECCed partition since libflash does not support reading
> from regions with mixed ECC status.
> 
> Without this patch:
> 
> blocklevel_read: Can't cope with partial ecc
> FLASH: failed to read content size 15728640 BOOTKERNEL partition, rc 3
> 
> With:
> 
> FLASH: Cannot load BOOTKERNEL. Content is larger than the partition

Well, that's plausibly my fault.

Acked-by: Stewart Smith <stewart at flamingspork.com>


More information about the Skiboot mailing list