From: Simon Glass <sjg@chromium.org>
To: u-boot@lists.denx.de
Subject: [PATCH 0/8] vboot: Correct vulnerabilities identified by Intel
Date: Mon, 15 Feb 2021 17:08:04 -0700
Message-ID: <20210216000812.2091481-1-sjg@chromium.org>


This series fixes some vulnerabilities in U-Boot identified by:

    Julien Lenoir <julien.lenoir@intel.com>
    Bruce Monroe <bruce.monroe@intel.com>
    Arie Haenel <arie.haenel@intel.com>

First problem
-------------
CVE ID - CVE-2021-27097
Reference URL - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27097
Note this CVE ID will show as reserved until a few days after publication.

CVE Description:
Improper input validation in U-Boot boot loader before version 2021.04-rc2
may allow an authenticated user escalate privileges via local access.

CVSS Base Score: 7.8 High
CVSS Vector - https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

U-Boot fetches the signature from the "/configuration" node and later the
code from the "/images" node, once signature is verified.

The list of nodes to hash is stored in the 'hashed-nodes' property of the
signature node:

   hashed-nodes = b'/\x00/configurations/conf@1\x00
             /images/kernel@1\x00/images/kernel@1/hash@1\x00'

Signature is computed on memory blocks fetched by the
fdt_find_regions_function() function. This matches the blocks based on
their 'path', based on the nodes/prop names of the tree.

The problem is: the fact that the first node is the root, i.e. a node with
an empty name, seems to be a convention that UBoot assumes to be true, but
it does not check it explicitly.

It is possible to build a FIT in which the first node has a non-empty
name, for example 'f@kenode' followed by a genuine root node (with an
empty name). U-Boot will then fetch the configuration and images from the
fake node, thus fetching from '/f@kenode/configuration' and
'/f@kenode/images'.

Contrariwise, the fdt_find_regions_function() function matches nodes on
their full path, without this assumption.

As a result: signature is checked on the 'real' root node while code is
loaded from the fake one.

Second problem
--------------
CVE ID - CVE-2021-27138
Reference URL - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27138
Note this CVE ID will show as reserved until a few days after publication.

CVE Description:
Improper input validation in Das U-Boot before version 2020.04-rc2 may
allow an authenticated user escalate privileges via local access.

CVSS Base Score: 7.8 High
CVSS Vector - https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

A second problem is noticed when an @ symbol is added to a node that does
not already have one. In 2017 U-Boot moved away from using @ in node names
due to the devicetree compiler warning about them, e.g. in this commit:

 838404054e4 ("doc: FIT image: fix incorrect description of DT node unit address")

This means that it is possible to add a node name, like fdt-1@evil before
the existing fdt-1 node, and U-Boot will use the first one, due to the way
the unit-address matching works. Of course, people may still be using the
older @ nodes and thus avoiding this problem, but the examples were
updated to use a hyphen so this is unlikely.

This series corrects the above vulnerabilities.


Simon Glass (8):
  fdt_region: Check for a single root node of the correct name
  fit: Don't allow verification of images with @ nodes
  test: Add vboot_evil implementation
  test: Add tests for the 'evil' vboot attacks
  image: Adjust the workings of fit_check_format()
  image: Add an option to do a full check of the FIT
  libfdt: Check for multiple/invalid root nodes
  image: Check for unit addresses in FITs

 arch/arm/cpu/armv8/sec_firmware.c  |   2 +-
 cmd/bootefi.c                      |   2 +-
 cmd/bootm.c                        |   6 +-
 cmd/disk.c                         |   2 +-
 cmd/fpga.c                         |   2 +-
 cmd/nand.c                         |   2 +-
 cmd/source.c                       |   2 +-
 cmd/ximg.c                         |   2 +-
 common/Kconfig.boot                |  20 ++
 common/fdt_region.c                |  11 +
 common/image-fdt.c                 |   2 +-
 common/image-fit-sig.c             |  22 +-
 common/image-fit.c                 | 126 ++++++--
 common/splash_source.c             |   6 +-
 common/update.c                    |   4 +-
 drivers/fpga/socfpga_arria10.c     |   6 +-
 drivers/net/fsl-mc/mc.c            |   2 +-
 drivers/net/pfe_eth/pfe_firmware.c |   2 +-
 include/image.h                    |  21 +-
 scripts/dtc/libfdt/fdt_ro.c        |  17 +
 test/py/tests/test_fit.py          |  24 +-
 test/py/tests/test_vboot.py        |  95 ++++--
 test/py/tests/vboot_evil.py        | 485 +++++++++++++++++++++++++++++
 test/py/tests/vboot_forge.py       |  12 +-
 tools/fit_common.c                 |   3 +-
 tools/fit_image.c                  |   2 +-
 tools/mkimage.h                    |   2 +
 27 files changed, 781 insertions(+), 101 deletions(-)
 create mode 100644 test/py/tests/vboot_evil.py

-- 
2.30.0.478.g8a0d178c01-goog
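The following is an added illustration, not part of this series, of U-Boot, or of libfdt: a small C model of the flattened-devicetree structure block that builds the two hostile layouts described in the cover letter (a non-root node ahead of the real root; fdt-1@evil ahead of fdt-1) and applies the two checks the series introduces (exactly one root node, with an empty name; no '@' unit addresses in any node name). The encoder, the walk() parser, the script arrays, fit_checks() and check_script() are all the example's own inventions; nodename_matches() models the libfdt fdt_subnode_offset() comparison rule as described here, it is not the project's code. A real FIT also carries a header, a strings block and a memory-reservation block, which this model omits.

```c
/* Added example, not U-Boot code: walk a flattened-devicetree structure block
 * and apply the two checks this series adds, plus the libfdt name-matching
 * rule behind the second problem. Encoder and blobs are constructed here; a
 * real FIT's header, strings block and memory-reservation block are omitted. */
#include <stdint.h>
#include <string.h>

#define FDT_BEGIN_NODE 0x1
#define FDT_END_NODE   0x2
#define FDT_PROP       0x3
#define FDT_NOP        0x4
#define FDT_END        0x9
#define ALIGN4(x)      (((x) + 3) & ~(size_t)3)

static uint32_t get32(const uint8_t *p) { return ((uint32_t)p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]; }

static size_t put32(uint8_t *b, size_t o, uint32_t v)
{
	b[o] = v >> 24; b[o + 1] = v >> 16; b[o + 2] = v >> 8; b[o + 3] = v;
	return o + 4;
}

/* FDT_BEGIN_NODE, then the NUL-terminated name padded to a 4-byte boundary */
static size_t begin_node(uint8_t *b, size_t o, const char *name)
{
	size_t n = strlen(name) + 1;
	o = put32(b, o, FDT_BEGIN_NODE);
	memset(b + o, 0, ALIGN4(n));
	memcpy(b + o, name, n);
	return o + ALIGN4(n);
}

/* Encode a script: a string begins a node, NULL ends the current node */
static size_t build(uint8_t *b, const char *const *script, size_t n)
{
	size_t o = 0;
	for (size_t i = 0; i < n; i++)
		o = script[i] ? begin_node(b, o, script[i]) : put32(b, o, FDT_END_NODE);
	return put32(b, o, FDT_END);
}

struct audit { int top_level, root_named, unit_addr; };

/* Walk the token stream, recording what the two checks need.
 * Returns the node count, or -1 if the block is malformed. */
static int walk(const uint8_t *blk, size_t len, struct audit *a)
{
	size_t off = 0;
	int depth = 0, nodes = 0;
	while (off + 4 <= len) {
		uint32_t tok = get32(blk + off);
		off += 4;
		if (tok == FDT_BEGIN_NODE) {
			const char *name = (const char *)blk + off;
			const uint8_t *nul = memchr(name, 0, len - off);
			if (!nul) return -1;	/* unterminated name */
			if (depth == 0) {	/* first problem: which node is the root? */
				a->top_level++;
				a->root_named |= name[0] != '\0';
			}
			a->unit_addr |= strchr(name, '@') != NULL;	/* second problem */
			off += ALIGN4((size_t)(nul - blk) - off + 1);
			depth++, nodes++;
		} else if (tok == FDT_END_NODE) {
			if (--depth < 0) return -1;
		} else if (tok == FDT_PROP) {	/* len, nameoff, then data */
			if (len - off < 8 || get32(blk + off) > len - off - 8) return -1;
			off += 8 + ALIGN4(get32(blk + off));
		} else if (tok == FDT_END) {
			return depth == 0 ? nodes : -1;
		} else if (tok != FDT_NOP) {
			return -1;
		}
	}
	return -1;	/* ran out of tokens before FDT_END */
}

/* Bit 0: exactly one depth-0 node and it is the root "" (first problem).
 * Bit 1: no node name carries an '@' unit address (second problem). */
int fit_checks(const uint8_t *blk, size_t len)
{
	struct audit a = { 0, 0, 0 };
	if (walk(blk, len, &a) < 0) return 0;	/* malformed: fails both */
	return (a.top_level == 1 && !a.root_named) | ((!a.unit_addr) << 1);
}

/* libfdt-style rule: a search name without '@' also matches "name@anything" */
int nodename_matches(const char *node, const char *want)
{
	size_t n = strlen(want);
	return strncmp(node, want, n) == 0 &&
	       (node[n] == '\0' || (node[n] == '@' && !strchr(want, '@')));
}

/* Constructed blobs: genuine; "f@kenode" ahead of the real root; "fdt-1@evil" before "fdt-1" */
const char *const genuine[] = { "", "images", "kernel-1", NULL, NULL, NULL };
const char *const fake_root[] = { "f@kenode", "images", NULL, NULL, "", "images", NULL, NULL };
const char *const unit_addr[] = { "", "images", "fdt-1@evil", NULL, "fdt-1", NULL, NULL, NULL };

int check_script(const char *const *script, size_t n)
{
	uint8_t b[256];
	return fit_checks(b, build(b, script, n));
}
```

check_script(genuine, 6) passes both checks, check_script(fake_root, 8) fails both (the fake first node also carries an '@'), and check_script(unit_addr, 8) passes the root check but fails the unit-address check, which is exactly why patch 2/8 refuses to verify such a FIT at all rather than trying to pick the "right" fdt-1.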

Thread overview: 20+ messages
2021-02-16  0:08 Simon Glass [this message]
2021-02-16  0:08 ` [PATCH 1/8] fdt_region: Check for a single root node of the correct name Simon Glass
2021-02-16  3:35   ` Tom Rini
2021-02-16  0:08 ` [PATCH 2/8] fit: Don't allow verification of images with @ nodes Simon Glass
2021-02-16  3:35   ` Tom Rini
2021-02-16  0:08 ` [PATCH 3/8] test: Add vboot_evil implementation Simon Glass
2021-02-16  3:36   ` Tom Rini
2021-02-16  0:08 ` [PATCH 4/8] test: Add tests for the 'evil' vboot attacks Simon Glass
2021-02-16  3:36   ` Tom Rini
2021-02-16  0:08 ` [PATCH 5/8] image: Adjust the workings of fit_check_format() Simon Glass
2021-02-16  3:36   ` Tom Rini
2021-02-17 13:30   ` Jesper Schmitz Mouridsen
2021-02-17 13:43     ` Tom Rini
2021-02-17 14:12       ` Jesper Schmitz Mouridsen
2021-02-16  0:08 ` [PATCH 6/8] image: Add an option to do a full check of the FIT Simon Glass
2021-02-16  3:36   ` Tom Rini
2021-02-16  0:08 ` [PATCH 7/8] libfdt: Check for multiple/invalid root nodes Simon Glass
2021-02-16  3:36   ` Tom Rini
2021-02-16  0:08 ` [PATCH 8/8] image: Check for unit addresses in FITs Simon Glass
2021-02-16  3:36   ` Tom Rini
