Hi Johann,
Le 08/02/2022 à 16:43, Johann Neuhauser a écrit :
Dear developers and Simon,
we wanna run secure boot with U-Boot's SPL_FIT_SIGNATURE and FIT_SIGNATURE on
our STM32MP1 boards and discovered the CVE-2021-27097.
To mitigate this vulnerability we wanna enable SPL_LOAD_FIT_FULL and
SPL_FIT_FULL_CHECK.
If I compile any U-Boot SPL with the mentioned config symbols after commit
6f3c2d8a, it fails always with the following error message:
Used defconfig: stm32mp15_dhcom_basic_defconfig (+ mentioned configs enabled)
```
...
LD spl/lib/built-in.o
LD spl/u-boot-spl
/usr/bin/arm-linux-gnueabihf-ld.bfd: common/built-in.o: in function
`fit_check_format':
/mnt/work/dev/u-boot/common/image-fit.c:1591: undefined reference to
`fdt_check_full'
make[1]: *** [scripts/Makefile.spl:432: spl/u-boot-spl] Error 1
make: *** [Makefile:1941: spl/u-boot-spl] Error 2
```
After diging around to find the cause, we're out of ideas.
Does anyone have a clue why the needed function is not compiled in libfdt for
the spl build?
I have reproduced this issue with this config
(stm32mp15_dhcom_basic_defconfig (+ mentioned configs enabled)).
The function fdt_check_full is build conditionnaly:
#if !defined(FDT_ASSUME_MASK) || FDT_ASSUME_MASK != 0xff
int fdt_check_full(const void *fdt, size_t bufsize)
{
...
}
In this config FDT_ASSUME_MASK is 0xff, so the function fdt_check_full
is not compiled.
I succeed to build (not tested) with this patch:
--- a/scripts/dtc/libfdt/fdt_ro.c
+++ b/scripts/dtc/libfdt/fdt_ro.c
@@ -937,4 +937,9 @@ int fdt_check_full(const void *fdt, size_t bufsize)
}
}
}
+#else
+int fdt_check_full(const void *fdt, size_t bufsize)
+{
+ return 0;
+}
#endif
If simon agrees with this fix, I may sent a patch.
Many thanks in advance.
Best regards,
Johann Neuhauser
DH electronics GmbH | Am Anger 8 | 83346 Bergen | Germany | Fon: +49 8662 4882 0
Board of Management: Stefan Daxenberger, Helmut Henschke | HRB Traunstein 9602
Regards,
Philippe